Retina Network Security Scanner - FAQ A Basic Introduction to Retina Network FAQ
FAQ Retina Network Security Scanner - FAQ GENERAL QUESTIONS: A Basic Introduction to Retina Network Security Scanner What is Retina Network Security Scanner? How is this different from your community product? Are there any features that are not enabled in RNSS? How much does RNSS cost? How many targets / IP’s can I scan? How many machines can I install my copy of RNSS on? What are the product’s standard assessment capabilities? How often do you update the vulnerability feed with new checks? Where do you get your vulnerability information? What are the system/hardware requirements for using RNSS? Can I upgrade RNSS to a full Retina CS implementation? How long will it take to install and deploy? What other products does RNSS integrate with? LICENSING QUESTIONS: Is your compliance / reporting module included in the purchase of RNSS? Are your patching and configuration modules compatible with this RNSS license? Where can I find the License Agreement? I’m a consultant; can I use RNSS to conduct my client’s audits? We are a Managed Security Service Provider (MSSP); can we install RNSS on a server appliance that we provide to our customers? SUPPORT QUESTIONS: Where can I go to get help on an issue I’m having with RNSS? Do you offer training? Do you have a Support Portal? How many Technical Contacts am I allowed? Does RNSS equally support all operating system and hardware combinations? May I request to escalate an issue’s priority? GENERAL QUESTIONS Q. What is Retina Network Security Scanner? A. With over 10,000 deployments since 1998, Retina Network Security Scanner is the in dustry’s most mature and effective vulnerability scanning technology for identification of vulnerabilities, missing patches, and configuration weaknesses designed and imple mented to protect an organization’s IT assets. Q. How is this different from your community product? A. This is full feature version of our flagship vulnerability scanning product Retina Network security scanner (RNSS). Differences in the community version and licensed solution can be found here: http://www.beyondtrust.com/Resources/compareproducts/ Q. Are there any features that are not enabled in RNSS? A. This is a full feature version of RNSS that also includes a license for Regulatory Reporting. Users have the option of licensing Retina CS for centralized control and management of multiple scan engines. Q. How much does RNSS cost? A. RNSS Costs $1,200 a year for a subscription, one license for one machine. Q. How many targets / IP’s can I scan? A. You can target an unlimited number of assets with RNSS. Q. How many machines can I install my copy of RNSS on? A. Each license allows you to install RNSS on only one machine. Licenses can be uninstalled and transferred one time only to another machine if needed using a wizard within the solution. Q. What are the product’s standard assessment capabilities? A. Network Systems • Assess network devices, operating systems, applications, ports and services against a vast, constantly updated vulnerability database • Accurately identify vulnerabilities with a false positive rate below 1% • Perform Class C network scans in under 15 minutes on average • Leverage ICMP, registry, NetBIOS, and the NMAP signature database, as well as proprietary OS fingerprinting capabilities • Perform local assessments of Cisco, Linux, Unix and other devices via SSH including support for SuDo accounts Adjust scans for custom machine configurations, ports and applications via automated input/output data reconciliation on each port • Support SCAP-compliant, continuous vulnerability and configuration monitoring per DIACAP, FISMA, STIG, FDCC, Microsoft, and USGCB guidelines • Get PCI DSS 2.0 scanning and reporting capabilities out of the box Databases • Scan Oracle®, Microsoft SQL Server® and MySQL databases for security exposures Virtual Environments • Conduct VMware vCenter® scans with detailed risk intelligence for ESXi and virtual machines • Scan online & offline virtual images, plus virtualized application templates (ThinApp® packages) • Schedule scans to automatically update the vCenter console with centralized compliance and risk information • Stay updated on new vulnerabilities that could impact the hyper-visor and virtual machines Data Discovery • Retina Local Scanning Service (RLSS) provides the ability to perform local tasks on the target being scanned. (This is a temporary service that is deployed, performs an action, and then is removed.) • The advanced dissolvable scanning capabilities of Retina Local Scanning Service (RLSS) makes it possible for a vulnerability assessment to now find sensitive data, report on the asset, and identify the file, path, and type of data discovered • Ability to audit for Personally Identifiable Information (PII) on remote targets Q. How often do you update the vulnerability feed with new checks? A. We provide vulnerability feed updates several times a week. These are automatically updated by RNSS from the BeyondTrust audit database. Q. Where do you get your vulnerability information? A. The Retina vulnerability database is created and maintained by the BeyondTrust research team. This world-class team of security professionals is tasked with not only identifying vulnerabilities that can be audited by Retina but also performing various intelligence gathering activities around vulnerabilities and exploits. Their charter is to create relevant security mappings between vulnerabilities and exploits that are actively being used against organizations. This dedicated team of researchers uses a variety of both free and paid sources of data in order to update and maintain the Retina vulnerability database. Q. What are the system/hardware requirements for using RNSS? Retina Network Security Scanner (RNSS) Current Version 5.19.2 [2013-July-311] Operating System(s) Windows XP (32-bit and 64-bit) Windows Server 2003 (32-bit and 64-bit) Windows Vista SP2 (32-bit and 64-bit) Windows Server 2008 SP2 (32-bit and 64-bit) Windows 7 (32-bit and 64-bit) Windows Server 2008 R2 (64-bit) Windows 8 (32-bit and 64-bit) Windows Server 2012 (64-bit) VMWare vCenter 5.0 or 5.1 and the vCenter Client for the Retina Plugin for VMWare Processor Intel Pentium IV 1.4GHz (or compatible) Memory 1GB Hard Drive 1GB Software Microsoft .Net Framework 2.0 (included with installer) Network Network Interface Card (NIC) with TCP/IP enabled Notes Retina must be run under an Administrator account on the scanning system. Q. Can I upgrade RNSS to a full Retina CS implementation? A. Yes, please contact your account executive directly so we can fully understand your requirements. Q. How long will it take to install and deploy? A. Installation and activation typically take no longer than 15 minutes. Q. What other products does RNSS integrate with? Partner Description Method Allgress Security and Compliance Reporting Flat File ArcSight ArcSight ESM SmartConnector Database BMC Remedy Helpdesk Web Services CA Unicenter and Spectrum SNMP, email Control Case Retina Cloud & Governance, Risk, and Compliance Command Line, API, Database Core Security Core Impact, Penetration Testing DSN, Audits.XML eIQNetworks Security Information Manager Database Firemon Security Information Manager FlatFile, Database ForeScout Network Access Control Command Line LogRhythm Security Information Manager Database Metasploit Penetration Testing Flat File, API, UI Modulo Governance, Risk, and Compliance Database N-able Remote Manager OEM, API NetIQ Security Information Manager NitroSecurity (McAfee) Security Information Manager SNMP Prism Microsystems Security Information Manager SNMP RedSeal RedSeal Security Risk Manager Database RSA RSA Envision SNMP Skybox Skybox View Suite DSN * Only this feature Legend: • API – Integration into solutions API for direct control and communications • Audits.XML – Consumes the solutions audit database directly • Command Line –Manages scan jobs and reports directly from the command line • DSN – Requires the solution to use an ODBC DSN for data storage • eMail – Results are email driven • Flat File – Flat files such as a CSV of XML are used to process vulnerability results • Database – Direct connectivity to the management database for asset and scan results • OEM – An OEM relationship exists with this vendor LICENSING QUESTIONS Q. Is your compliance / reporting module included in the purchase of RNSS? A. Yes, it is included free of charge. Q. Are your patching and configuration modules compatible with this RNSS license? A. No they are not compatible with this version of Retina. If you are interested in deploying integrated patching, configuration, Retina Insight (SQL database) and/or centralized management of multiple copies you will need to upgrade to Retina CS. Q. Where can I find the License Agreement? A. It is located in the installation directory. Q. I’m a consultant; can I use RNSS to conduct my client’s audits? A. At this time the license is restricted for use only in enterprise accounts. Q. We are a Managed Security Service Provider (MSSP); can we install RNSS on a server appliance that we provide to our customers? A. Right now RNSS is limited to use by an individual. SUPPORT QUESTIONS Q. Where can I go to get help on an issue I’m having with RNSS? A. BeyondTrust offers Basic Support for this software. You can locate help in our forums, knowledgebase articles, or by filling out a support request form on the Customer Portal. • Community Forums (24 hours per day/7 days per week) http://www.beyondtrust.com/Resources/Forums/ • Product Knowledgebase (24 hours per day/7 days per week) http://www.beyondtrust.com/Resources/Support/ • Email Support within Customer Portal (6AM-3PM PT Monday-Friday) http://www.beyondtrust.com/Resources/Support/ Q. Do you offer training? A. Training can be purchased for an additional cost and is customized for your needs. Visit our website to find out more. http://www.beyondtrust.com/Resources/ProfessionalServices/ Q. Do you have a Support Portal? A. Yes, the support portal can be found at: http://www.beyondtrust.com/Resources/Support/ Q. How many Technical Contacts am I allowed? A. There is no limit to the number of contacts you are allowed to add to your account. Q. Does RNSS equally support all operating system and hardware combinations? What documentation do you have available? A. Please reference the requirements document for RNSS. Q. May I request to escalate an issue’s priority? ABOUT BEYONDTRUST BeyondTrust is a proven leader with more than 25 years of experience. More than half of the companies listed on the Dow Jones, eight of the 10 largest banks, seven of the 10 largest aerospace and defense firms, and six of the 10 largest U.S. pharmaceutical companies rely on BeyondTrust to secure their enterprise. CONTACT INFO North American Sales 1.800.234.9072 [email protected] EMEA Sales Tel: + 44 (0) 8704 586224 [email protected] Corporate HeadQuarters 550 West C Street, Suite 1650 San Diego, CA 92101 1.800.234.9072 CONNECT WITH US Twitter: @beyondtrust Facebook.com/beyondtrust Linkedin.com/company/beyondtrust www.beyondtrust.com A. Escalations can be requested through your support representative.
© Copyright 2024