• No results found

NSFOCUS Remote Security Assessment System. Overview

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "NSFOCUS Remote Security Assessment System. Overview"

Copied!
8
0
0

Loading.... (view fulltext now)

Download now ( 8 Page )

Full text

(1)

[Data Sheet]

Overview

Network vulnerabilities are an increasingly common issue in today's highly complex computing environments. With exploit attacks appearing faster than ever before, it has become significantly more challenging for organizations to protect against attacks. Only if users could discover these vulnerabilities in their network and proactively get ready before attackers take action, can the losses of attacks be effectively avoided

With years experience and practice in security services, along with requirements and product functionality from the end users, the NSFOCUS Remote Security Assessment System (RSAS) is a “must have” security assessment tool for enterprise’s system/security administrators to effectively identify and remediate the network vulnerabilities that could lead to exposure and malicious attacks.

 Supported by professional NSFOCUS Security Research Team and integrated leading technologies such as NSIP (NSFOCUS Intelligent Profile), NSFOCUS RSAS discovers security vulnerabilities of the network and cyber asset automatically, efficiently and accurately.

 The Open Vulnerability Management (Open VM) platform provides powerful security solution to achieve vulnerability management in the entire workflow.

 The freestanding design and embedded operating system has dramatically improved the system’s efficiency and keep the system itself in safe. It is stable and reliable, with no additional storage devices needed.

 The powerful Web application scanner can perform overall security scanning to Web applications, Web services and supportive systems, and help IT staff to simplify the work in finding and fixing application vulnerabilities.

(2)

[Data Sheet]

 NSFOCUS takes elaborate analysis to vulnerabilities found in the network assets, quantifies risks via an authoritative assessment model, and provides professional solutions to reduce risks. The convenient management function helps IT staffs quickly locate any risk residing in the information assets.

Features

Customer-friendly Design

Assessment products are widely used in telecom carriers, governments and large-scale enterprises. NSFOCUS RSAS is designed to meet different and specific requirements in each focused field. Features like Multi-stage distributed deployment, open vulnerability management platform and multi-task capability are good choice to large network environments , while “one-click” intelligent task mode, quick reporting and intelligent digest technique are the highlights in organization and enterprise's network environments when it comes to ease of use and high performance.

Complete Vulnerability Management

Based on the Open VM workflow, NSFOCUS vulnerability management can be divided into five circular phases: vulnerability forecast, vulnerability detection, risk management, vulnerability remediation, and vulnerability audit. This compete solution can significantly reduce

(3)

[Data Sheet]

Ease of Use

It’s not only easy to install this system, but also very simple to operate and maintain it. The intelligent “one-click” task mode, quick reporting, intelligent digest and many other techniques in this system have successfully realized the simplicity and efficiency in use.

Meantime, NSFOCUS RSAS supports multi-user management. Through strict privilege division, the system can manage several virtual devices on one physical device, and support auditing logs about login, operation and anomaly.

Largest Chinese Vulnerability Knowledge Base

NSFOCUS is maintaining the largest Chinese vulnerability knowledge base (KB) in the global. This KB covers almost all common vulnerabilities in operating systems, databases, network devices and application programs which can be exploited remotely or locally. Over 9000 entries vulnerability information in the RSAS are picked from the KB. When a critical vulnerability is detected, the security team of NSFOCUS will forecast its potential threat and provide update packages within two days from the first discovery.

(4)

[Data Sheet]

Accurate and Efficient Detection

To ensure accuracy of vulnerability assessment, NSFOCUS RSAS is integrated Intelligent Profile technique to collect information of the target system and uninterruptedly adjust the data occurred in the middle of the progress to ensure a trusted final assessment.

NSFOCUS RSAS is armed with a powerful scanning engine, namely NSSE (NSFOCUS Scanning Engine), which integrates automatic scanning technique relying on intelligent recognition of open port services and interdependent relationship with detection policies. Leveraging this powerful engine and a dedicated optimized operating system, the RSAS features very fast and accurate detection capability.

Professional Web Application Scanner

NSFOCUS RSAS Web application scanner is developed based on years of research on numerous Web attack tactics prevailing toady. It is an automatic security assessment and detection tool specially designed for Web application security administrators. Through combination of this modular scanner and traditional system scanning function, the RSAS greatly reduce the user’s investment on additional appliance. Here we briefly introduce some characteristics of this scanner:

 Professional. It’s a very professional tool to help administrators detect application vulnerabilities. Many advanced techniques (such as simulated clicking crawler to intelligently discover threats and active malware detection techniques) are integrated in this tool.

 Comprehensive. It provides multi-stage and overall vulnerability scanning, auditing, penetration testing and aided logical analysis to Web applications, Web services and supportive systems, keeping the network in safe by active finding potential risks and providing efficient remediation solutions.

 Effectiveness. It performs very fast and granular analysis to target Web applications by virtue of the embedded operating system, optimized scanning engine and high-performance intelligent crawler technique.

(5)

[Data Sheet]

three aspects: assets, vulnerability, and threats.

After assessment, this model outputs the trend analysis, both in quantity and in quality, with which users will be very clear about vulnerability distribution, top risk-ranged assets, and vulnerability distribution in a specific OS or application, as well as risks residing in their individual assets and the entire networks. By now, NSFOCUS RSAS is second to none vulnerability assessment product in China that adopts multi-dimensional and quantitative/qualitative assessment.

Granular and Comprehensive Reporting

NSFOCUS RSAS takes very granular analysis to security state of the entire network in different angle of views, like vulnerability distribution, threat severity, top 10 vulnerabilities and host information. It not only provides offline reporting, but also provides powerful online reporting. In addition, a practical report controller is designed to help users obtain effective information when requiring specific reports in line with a certain role, content or format.

Risk analysis is given from the perspectives of macro and micro. At the macro scale, the RSAS reflects the whole network security status from different perspectives, including the granular statistical analysis of vulnerability distribution, threat severity, host information etc. in forms of column and pie charts; at the micro scale, the RSAS provides detailed solutions to each vulnerability detected, helping system administrators solve security issues quickly and accurately; moreover, it supports information retrieve by inputting key words, which facilitates knowing more about a host or a vulnerability.

International Certificate and Standard

NSFOCUS RSAS is a “CVE Compatible” assessment product and is the only vulnerability assessment product in China achieved the Checkmark Certification from West Coast Labs.

(6)

[Data Sheet]

Specifications

Table 1.1 NSFOCUS RSAS Functional Specification

Specification RSAS X Series RSAS S Series RSAS E Series Vulnerability Assessment    Weak Password Scan    Vulnerabilities Checks > 9,000 > 9,000 > 9,000 Risk Mgt.    Max. Number of

Alive IP Addresses 512 Unlimited Unlimited

Scan Speed in Lab

(IP/minute) 5 10 20

Max. Concurrent

Scan (IP address) 30 60 90

Max. Number of Users 3 30 50 Number of IP Addresses in Single Task Multiple IP addresses in Class B Multiple IP addresses in Class B Multiple IP addresses in Class B Max. Concurrent Scan Tasks 5 10 10

Max. Task Storage 100 150 500

Basic Reports   

System Mgt.   

Advanced Data

Analysis Optional  

Web Application

Scanner Optional Optional Optional

Application

(7)

[Data Sheet]

.

Table 1.2 NSFOCUS RSAS Web Application Scanner

Specification All

Series

Applications

HTTP 1.0 &1.1 Web application system

Web 2.0/Ajax application

Static and dynamic webpage

Web services

Web underlying support system

Authentication method (cookie, NTLM etc.)

HTTPS Web application system

Vulnerabilities

SQL Injection vulnerability scan

XSS vulnerability scan

Webpage Trojan detection

Web malware detection

Form type detection

Cookie security detection

CGI vulnerability scan

GOOGLE-HACK detection

CSRF

Invalid links discover

Sensitive file detection

Web services misconfiguration detection

Functions & Features

Intelligent crawling technology

Back-end database identification

WASC vulnerability classification

“One-click” auto scanning

Website structure display

Regular, periodic scanning

Multi-threaded, multi-task concurrent scanning

(8)

[Data Sheet]

Table 1.3 NSFOCUS RSAS Physical Specifications

Model RSAS X Series RSAS S Series RSAS E Series

NIC 100/1000M Adaptive 100/1000M Adaptive 100/1000M Adaptive Serial Port RS232 (DB9) RS232 (DB9) RS232 (RJ45) Memory 1G 2G 4G Rack Mountable 1 U 1 U 2 U Weight 7.0 Kg 7.0 Kg 12.0 Kg Dimension (H*L*W) 44*392*430 (mm) 44*392*430 (mm) 88*392*440 (mm) Power Supply 220 V,180 W 220 V, 180 W 220 V, 350 W MTBF > 60,000 hours > 60,000 hours > 60,000 hours

Operating Temp. 0-40℃ 0-40℃ 0-40℃ Non-operating Temp. -20-65℃ -20-65℃ -20-65℃ Relative Humidity 10%-95% non-condensing 10%-95% non-condensing 10%-95% non-condensing Electromagnetic Radiation Standard Class A, EN55022, FCC Part15 Class A, EN55022, FCC Part15 Class A, EN55022, FCC Part15

For more information:

For more information about NSFOCUS products and services, please contact the NSFOCUS sales

NSFOCUS

TEL: +86 10 68438880 EMAIL: [email protected]

NSFOCUS US

TEL: +1 408 907 6638 EMAIL: [email protected]

NSFOCUS Japan

TEL: +81 3 6206 8156 EMAIL: [email protected] For more information visit NSFOCUS Website: www.nsfocus.com

“NSFOCUS” is the trademark of NSFOCUS Information Technology Co., Ltd.

NSFOCUS enjoys all copyrights with respect to all textual narrations, document formats, illustrations, photographs, methods, processes and other contents, unless otherwise specified, which shall be governed by relevant property rights and copyright laws. Without written permission

About NSFOCUS

NSFOCUS is a proven global leader in active perimeter network security for service providers, data centers, and corporations. It focuses on providing network security solutions including: carrier-grade Anti-DDoS System, Web Application Firewall, and Network Intrusion Prevention

Figure

Table 1.1 NSFOCUS RSAS Functional Specification
Table 1.2 NSFOCUS RSAS Web Application Scanner
Table 1.3 NSFOCUS RSAS Physical Specifications

References

Download now ( PDF - 8 Page - 504.54 KB )

Related documents

Wireless Fusion Enterprise Mobility Suite. User Guide for Version 2.55

If the user checked the User Certificate check box on the Tunneled Authentication dialog box or if TLS is the selected authentication type, the Installed User Certificates

SHEDDING LIGHT ON THE CLOUD

It is the process by which your data, and even your applications (your software and services), are moved online (i.e. away from your desktop) into the cloud, providing you and

Why do people file share unlawfully? A systematic review, meta-analysis and panel study

Estimate the relationship between at least one TPB construct (Attitudes, Subjective Norms or Perceived Behavioral Control) and either intentions to unlawfully download a media file

Associations Between Body Composition and Movements During Gait in Women.

on the study of the acceleration of the body is considered to be valid and reliable for predicting the risk of falling or for discriminating between population groups with

Empathy and Moral Judgment

This more modest hypothesis predicts that empathy deficient people, regardless of their reasoning capacity, will be poor at making moral judgments when moral insight is needed –

ERP Marketplace and Marketplace Dynamics

• The Accounts Receivable Module also integrates with the General ledger, Sales and Distribution, and Cash Management Modules.. Example of

A Review of the Data Broker Industry: Collection, Use, and Sale of Consumer Data for Marketing Purposes

While there is no statutory definition for “data brokers,” the Federal Trade Commission (FTC) has defined this term to include “companies that collect information, including personal

Half-height-pin GapWaveguide Technology and its Applications in High Gain Planar Array Antennas at MillimeterWave Frequency

As an example of the applications, a high gain planar array antenna at V band by using the half-height-pin gap waveguide has been designed and is presented in the paper with a