IBM Proventia Network Enterprise Scanner 1500

Overview:

Knowing what is on your network and where potential problems lie is essential to identifying and managing risk. Complying with security regulations and outlining remedies can be very costly and labor intensive. IBM Proventia Network Enterprise Scanner enables you to save both costs and time in managing your network vulnerabilities. Enterprise Scanner helps ensure the availability of your revenue-producing services and protects your corporate data by identifying and prioritizing risks, assigning protection activities and reporting on results.

Highlights:

• Helps reduce network security risk by accurately identifying, prioritizing, tracking and reporting network vulnerabilities
• Saves time through automated and continuous scanning
• Scans up to 5 network segments from a single appliance, helping to reduce costs

Accelerating time to risk reduction by prioritizing protection
Your network is constantly under threat from viruses, worms, spyware, unauthorized users, and other security threats. Performing a critical task such as vulnerability management within your organization's time and cost constraints is a challenge. You need to convert the complex procedures necessary to assess IT risks into simple ones, as well as automate the time-consuming manual steps to free up resources. You need the ability to scan multiple network segments, which can require additional hardware, further adding to your cost. Plus, you need to plan remedial measures and meet regulatory compliance.

Enterprise Scanner is a proactive tool that accelerates time to risk reduction by prioritizing vulnerability remediation tasks. It eliminates manual steps by allowing continuous automated scanning across multiple network segments from a single appliance. It helps you leverage existing investments and decrease the cost of ownership through IT system integration. It helps identify existing IT risks and enables you to observe due diligence in conforming to regulatory requirements.

Identifying and reporting vulnerabilities to help reduce risks
Many organizations have complex IT infrastructures that can be prone to security risks. You need to assess your organization's security vulnerabilities and determine remedial steps before any real damage occurs. Enterprise Scanner provides help in discovering IT assets, determining their vulnerabilities, recommending remediation steps and assigning workflow activities to the appropriate personnel. Tracking and monitoring vulnerability issues is easy with the internal and external ticketing system. You gain the detail needed to pass audits and maintain compliance standards using the reporting and benchmarking features, plus you can generate customized reports that show incremental progress in risk reduction. In conjunction with IBM Proventia Management SiteProtector™ system and IBM Internet Security Systems™X-Force, Enterprise Scanner uses the Common Vulnerability Scoring System (CVSS)—an industry standard for assessing the severity of security vulnerabilities—enabling you to under-stand your critical vulnerabilities and how to prioritize remediation tactics.

Enhancing execution of vulnerability management tasks by automating scanning
Lack of network bandwidth for critical assets can severely impact business performance. You need to free up resources for critical business applications by controlling the bandwidth used by a scanner or a group of scanners. Enterprise Scanner enables you to set limits on the amount of bandwidth each scan requires and allows you to prioritize scans to meet your business needs and rules. Plus, using automatic pause and resume features during identified scan windows can help eliminate manual steps and speed up the vulnerability assessment process. Asset classification, auto-grouping, scan prioritization and automated updates help reduce the workload of your IT resources, allowing you to focus on strategic security and network initiatives.

Leveraging existing business systems and IT investments
Organizations have multiple network segments that need to be scanned regularly. You need to lower the cost of ownership for vulnerability management by integrating it with your existing processes and applications and con-trolling hardware costs. The five ports on the Enterprise Scanner ES1500 allow you to use a scanning appliance to scan multiple segments leading to a reduction in total costs. Automatic load balancing improves scalability and performance and a task-oriented Graphic User Interface (GUI) facilitates faster and easier changes to meet your business needs, helping to reduce operational costs. Enterprise Scanner provides seamless integration with

Microsoft Active Directory, allowing you to import your Active Directory structure on a recurring basis and use its categorization and grouping as a basis for your scanning system. Plus, Enterprise Scanner can also be integrated with other asset management databases and workflow systems, allowing you to better leverage your IT investment.

Why IBM?
IBM Proventia Enterprise Network Scanner (Enterprise Scanner) is powered by a vulnerability database from IBM’s award-winning Internet Security Services (ISS) X-Force research and development team. IBM ISS is one of the only companies that can safeguard your corporate information by identifying vulnerabilities on your systems and blocking them from attack—without compromising the integrity of your net-work. We provide flexible deployment options and high performance and scalability for large distributed enterprises. Plus, Enterprise Scanner provides seamless integration with the IBM ISS Proventia product suite allowing for extensive scanning, protection, net-work monitoring and a wide range of reporting.

Features:

• Detects over 1,500 device types and over 3,400 service types to accurately identify the components of your network
   
• Assigns or allows responsibility to be assigned to specific assets to meet corporate governance and traceability standards
   
• Provides for multisource discovery by using different asset identification techniques that can detect newly connected devices and previously undiscovered assets
   
• Capable of conducting emergency scans to provide quick, ad-hoc scan results of your network when the need arises
   
• Follows an asset-centric scan policy that ensures policy association with assets rather than with scanner
   
• Can group and report by geography, network layout, business system or any other useful grouping of assets
   
• Extends 24/7 support, including platform updates
   
• Performs specific tests in a non-impacting manner to analyze the effects of a real attack without exposing your network to real threats
   
• Automatically detects new vulnerabilities based on X-Force® expert recommendations
   
• Provides for automatic ticket creation through a flexible rule based system

Accelerate security risk reduction with IBM Proventia Network Enterprise Scanner.

Reduce risk and protect your revenue-producing business processes and systems
Protecting your business revenue rests on knowing your network and securing the systems that support your stakeholders, including employees, customers, investors and partners. Yesterday’s vulnerability assessment systems are making way for today’s vulnerability management and protection systems, which prioritize vulnerability management activities to optimize protection and accelerate risk reduction. Proventia Network Enterprise Scanner (Enterprise Scanner) can help improve the availability of your revenue-producing services and optimize the protection of your corporate assets by identifying where risk exists, prioritizing and assigning protection activities, and reporting on results. Furthermore, Enterprise Scanner decreases risk to your network’s uptime and can save your team time and money by automating the vulnerability management and protection process.

Managing the vulnerability protection process is a huge challenge, regardless of your company’s size. The capabilities embedded in Enterprise Scanner help prioritize risk-reduction activities and communicate results within your organization.

You may have invested thousands or even millions of dollars on your IT infrastructure, along with the systems and tools necessary to track assets, facilitate change and support your users. Enterprise Scanner is designed to leverage your existing IT infrastructure and processes, strengthening the value of previous investments.

Patch protection, although necessary, takes time; meanwhile, your systems may be exposed. Enterprise Scanner, when combined with other security protection products from IBM, prioritizes activities that accelerate risk reduction and helps optimize protection of the network.

Safeguarding your corporate information and reducing risks associated with your network devices, operating systems and applications are among your highest priorities. Preemptive IBM Virtual Patch technology is designed to protect at-risk systems and segments, helping organizations avoid emergency patching and allowing normal change-control processes to be followed. Use Enterprise Scanner alongside the IBM Proventia Network Intrusion Prevention System (IPS) to enhance protection for your network.

IBM Internet Security Systems™ (ISS) has been supplying vulnerability scanning tools to enterprises and auditors for over ten years. We have outfitted Enterprise Scanner with an extended set of auditing tools, thereby allowing you to manage and protect your vulnerabilities with the same knowledge and expertise the auditors use when assessing your network.

The IBM ISS vulnerability management and protection system empowers your security, network and systems teams to work in concert, proactively reducing risks and allowing the organization to concentrate on its core business.

Behind the scenes: how IBM ISS delivers scan and block protection
Operating system and application vendors rarely supply patches in time to defend against attacks, and the rollout of a vendor-supplied patch often involves a lengthy assurance test cycle prior to delivery.

Scan and block allows you to take charge of your protection. First, scan your network using Enterprise Scanner to identify at-risk areas vulnerable to attack. Next, schedule a traditional patch-protection rollout for the underlying asset during an available service window. Finally, provide immediate protection by optimizing the configuration of Proventia protection technologies to help protect your infrastructure—from the gateway to the core to remote endpoints.

Enterprise Scanner process

What is a vulnerability management and protection system?
Vulnerability management and protection is a continuous process that helps protect your valuable customer information, critical network assets and intellectual property. It quickly identifies vulnerabilities and provides remediation steps and blocking techniques, while tracking and verifying risk reduction.

Enterprise Scanner delivers a “best-practices” security process to discover, track, block, fix, confirm and report vulnerabilities—virtually eliminating many of the manual steps involved in vulnerability management.

IBM ISS delivers high-performance network security
IBM ISS delivers comprehensive end-to-end security for all facets of your business. Centrally managed by the IBM Proventia management SiteProtector™ system, our protection platform is one of the only truly integrated solutions combining network, server and desktop protection with vulnerability management and protection.

Technical Specifications:

Requirements - Hardware Specifications:
 

Model:	Enterprise Scanner 1500	Enterprise Scanner 750
Physical Characteristics
Form Factor	1-RU	Desktop
Dimensions (DxWxH)	429 mm D x 382 mm W x 44 mm H 16.9" D x 15.0" W x 1.73" H	177 mm D x 250 mm W x 39 mm H 6.9" D x 9.8" W x 1.5" H
Weight	Gross 11.1 kg (24.47 lb) Net: 6.5 kg (14.33 lb)	1.2 kg (2.6 lb)
Emissions	FCC Class A	FCC Class A
Certifications	CE/FCC/UL/cUL	CE/FCC/UL/cUL
Power
Power supply unit	Full-range 250-watt PSU auto-switching	65-watt PSU, 100 – 240 volts AC, 47 – 63Hz
Environment
Operating Temperature	Temp: 5°C – 35°C (41°F – 95°F) for P4 3.0 – 3.4 GHz processors	Temp: 0°C – 40°C (32°F – 104°F)
Storage Temperature	20% – 90% relative	20% – 90% relative
Humidity	-20°C – 70°C (-4°F – 158°F)	-20°C – 70°C (-4°F – 158°F)
Ports
Scan ports	Five 32-bit gigabit PCI-Express Ethernet ports	One 10/100/1,000 PCI Ethernet port
Management	One 32-bit gigabit Ethernet port	One 32-bit gigabit Ethernet port
Console	Serial port one – front-accessible RJ-45 connector	Serial port one – front-accessible RJ-45 connector
USB	Two USB 2.0/front accessible	Two USB 2.0/rear accessible
Front Panel
LCD display	LCD panel 2 x 16 characters LCD module with four buttons (reserved for future use)	N/A

Discovery performance specifications:
 

Model:	Enterprise Scanner 1500	Enterprise Scanner 750
Physical Characteristics
Form Factor	13,000 – 24,000 IPs per hour	11,000 – 23,000 IPs per hour
Performance figures based on Firmware 2.1 with XPU 1.40 default policies on several different sized networks. Discovery speeds can be 2x to 3x faster on much smaller networks (50-500 hosts) due to the low number of time-outs.

Scan team performance gains:
 

Proventia Network Enterprise Scanner and Internet Scanner Software Comparison Matrix:

Uncompromising Protection for Every Layer of Your Network

Offers vulnerability protection and helps quantify and reduce overall risk to all network components. Appliance or software solutions identify where risk exists, prioritize and assign protection, and report results.

Proventia Network Enterprise Scanner and IBM Internet Scanner Software
Model:
	Enterprise Scanner 750	Enterprise Scanner 1500	Internet Scanner
Typical Deployment	Network core/perimeter scanning; external-to-network scanning	Network core/perimeter scanning; external-to-network scanning	Enterprise/SMB; Auditing environments
Maximum Recommended Nodes/Users	3,000 per appliance	10,000 per appliance	Unlimited
Security Content Updates	Powered by X-Force	Powered by X-Force	Powered by X-Force
Form Factor	Desktop	1U appliance	Software
Capabilities Summary
Intrusion Prevention	Scan and block when used with IPS solutions	Scan and block when used with IPS solutions	No
Intrusion Detection	No	No	No
Antivirus (behavior-based)	No	No	No
Antivirus (signature-based)	No	No	No
Content Filtering	No	No	No
Protected segments	No	No	No
Web Application/ Database Protection	No	No	No
VoIP Security	No	No	No
Spyware Prevention	No	No	No
VPN	No	No	No
Hardware-Related Specifications
Monitoring or scanning interfaces	1	5	Hardware Dependent
Inline protected segments	N/A	N/A	N/A
Throughput available	250 assets/hour	800 assets/hour	Hardware dependent
Concurrent sessions (rated maximum)	N/A	N/A	N/A
Maximum connection per second	N/A	N/A	N/A
High Availability/ Failover	Available	Available	No
Host Protection Featrues
Log Auditing	N/A	N/A	N/A
Application Control	N/A	N/A	N/A
Buffer Overflow Exploit Protection	N/A	N/A	N/A
Supported Operating Systems/Platforms	N/A	N/A	N/A
Vulnerability Management Features
Scanning Discovery	Yes	Yes	Yes
Asset Classification	Yes	Yes	No
Vulnerability Assessment	Yes	Yes	Yes
Scanning Windows	Yes	Yes	No
Workflow Solution	Yes	Yes	Limited
Results Reporting	Yes	Yes	Yes
Mail Security Features
Spam detection rate	N/A	N/A	N/A
False positive rate	N/A	N/A	N/A
Spam and compliance analysis modules	N/A	N/A	N/A
Anti-phishing/Image-based Spam	N/A	N/A	N/A
Granular policy control	N/A	N/A	N/A
Global/group/user settings	N/A	N/A	N/A
End user access	N/A	N/A	N/A

* Based on real world message flow, containing messages of varying sizes including variants with attachments and/or images

Documentation:

Download the IBM Proventia Network Enterprise Scanner Platform Datasheet (PDF).