What is SmartScan?
SmartScan is an easy-to-use, handy solution, a real godsend for assessing protection maturity and managing information security in enterprises of any scale. Its troubleshooting functionality addresses any and all vulnerabilities left behind by code errors, incorrect security settings, weak passwords, unauthorized installation of software or hardware, delays in critical updates, and security policy breaches.
The Smartest Security Scanner
- System and application software update audit;
- System and application software vulnerability audit;
- Security configuration audit;
- Security configuration audit of Microsoft SQL Server, MySQL and Oracle Database;
- Application server audit (web servers);
- Cisco IOS security audit;
- Software and hardware inventory;
- Integrity control of certain files (folders);
- Identification of open ports and services;
- Password brute-force;
- System configuration monitoring;
- Documenting of check results.
What can SmartScan do?
- Full vulnerability audit
- Database security audit
- Application server audit
- Virtual platforms audit
- Integrity monitoring
- Patch management
- Password checking
- Policy compliance
- Network inventory
SmartScan scans network hosts, centrally and/or locally, for vulnerabilities in operating systems and in general-purpose and specialized software. Both manual and automatic vulnerability audit options are available, triggered by jobs preset in the management console. The scanning can use either always-on managed agents or an agent-less technology. The checks compare the system parameters against vulnerability signatures kept in the open repository OVALdb and defined in SCAP format. Today, the SmartScan database contains vulnerabilities of 1,000+ software programs:
- All Microsoft Windows editions (except Home Edition), starting from Windows XP / Windows Server 2003 and higher;
- Linux: Red Hat Enterprise Linux 3+, SUSE Linux Enterprise Desktop 10+, SUSE Linux Enterprise Server 10+, Ubuntu 4.10+, Debian GNU/Linux 2.2+, Debian GNU/kFreeBSD 6.0+, Oracle Linux 5+, openSUSE 12.1+, CentOS Linux 2+, etc.;
- Office software and browsers: Microsoft Office, LibreOffice, Adobe Acrobat/Reader, Adobe Photoshop, 1С, WinRAR, WinZip, 7Zip, ACDSee, Crystal Ent, Microsoft Explorer/Edge, Google Chrome, Firefox, Opera and many others, with a total of 600+ programs;
- Frameworks, crypto libraries, plugins, etc.;
- DBMS: Microsoft SQL Server, Oracle Database, MySQL, PostgreSQL;
- Application and web servers: IIS, Apache, NGINX, .NET Framework, etc.;
- Virtualization software: Microsoft Hyper-V, VMware ESXi/vCenter, and Xen.
The vulnerability database is updated and enriched with new platform and product vulnerability definitions on a daily basis. All the security content used by SmartScan is synchronized with NVD (National Vulnerability Database) and automatically updated each time the program is started. Support for the standard OVAL language allows users to download vulnerability definitions from third-party sources or develop custom definitions.
The easiest and cheapest way to crack security is to find systems that have software installed with default settings. Such software configurations usually offer the maximum functionality but do not guarantee security. This is why proper security settings and their integrity control underlie any system security.
SmartScan automatically monitors security parameters and checks whether IT systems, their separate components or nodes comply with standards, security policies, vendor recommendations, and other best practices, with security configuration parameters being controlled on both desktop and user levels. Users can create their own configurations and add them to the assessment plans. SmartScan contains ready-to-use configurations developed in line with international standards and guidelines. The reports notify of security parameter issues and, beyond that, provide setup recommendations. The support of standardized SCAP format allows users to download third-party compliance policies, for example, from Microsoft SCM. In addition, we can develop customized compliance policies to meet your requirements.
Here are some security configurations that are part of the basic scanner edition:
| MS Windows-8-USC/CSC | VMware-ESXi-6 |
| MS Windows-8.1-USC/CSC | VMware-vCenter-5 |
| MS WS2008R2-SSLF-domain/member/AD-Certificate/DHCP/DNS | MS SRP |
| MS WS2012-domain/member/ | MS SQL Server |
| MS WS2012R2-domain/member | Apache-Tomcat |
| MS IE10-User | Apache HTTP |
| MS IE11-User | MS IIS .NET |
| Server RedHat Ent | CiscoLevel1/2Router |
Database servers usually contain the most sensitive information, loss or disclosure of which may cause financial losses and regulatory sanctions. An effective tool for DBMS security management, SmartScan provides scan reports as unbiased and well-grounded documentary proof of regulatory and national standard compliance.
While searching for vulnerabilities and non-installed critical updates, the scanner can also check the settings of:
- Access management for database servers and network resources;
- Authentication and privileges;
- Data protection, cryptography, and encryption;
- Update control and installation;
- Event audit and logging;
- Backup and disaster recovery;
- Interaction with apps and users;
- Secure use of stored procedures;
- and much more.
The suggested configurations are based on vendor recommendations and developed to bring balance between DBMS functionality, performance, and security. SCAP-based compliance policies enable users to customize and expand configuration assessments without any assistance.
A cornerstone of application server security is the admin's daily routine work, such as deploying new nodes, deactivating unused assets and services, updating software, tracking vulnerabilities, and managing security settings. To get an idea of the admin's workload and the qualification it requires, just imagine that an application server may have hundreds of parameters applied at different levels (root, certain resource or site, directory, etc.), with dozens of server instances in place. So human error is a key risk here. As we all know, people do make mistakes and cannot compete with computing systems in terms of physical capacity.
The SmartScan scanner effectively monitors and comprehensively audits application server security, including:
- Vulnerability audit;
- Update audit;
- Security parameters configuration audit;
- Installed software inventory;
- DBMS security parameters audit;
- Application integrity control.
As for application servers, the security configuration audit covers a range of common web servers and their components (platforms), such as Apache, NGINX, MS IIS, and MS .NET Framework.
The following security configurations are available to the scanner users:
- Apache HTTP Server;
- Apache Tomcat;
- IIS and .NET;
- Linux Additional Services;
- NGINX web servers;
- Remote Access Checklist.
Using the above configurations, a company can control security settings of the most common roles and services (HTTP server, mail servers, text processors, software platforms, etc.) in various Linux and Windows environments. The configurations are developed in line with vendor guidelines and international best practices.
Today’s hypervisors provide decent security, reliability and manageability but need to be taken care of as any physical desktop does. Virtual machines are also exposed to data loss/corruption, viruses and hacking and thus need antivirus protection, installation of updates, regular configuration and vulnerability monitoring, data backup and virtualization environment redundancy, compliance with setup and secure operation guidelines.
SmartScan is the best-of-breed solution for comprehensive audit of virtualization platforms, enabling:
- Vulnerability audit of virtualization environments and control centers;
- Update audit;
- Security parameter configuration audit;
- Inventory of virtual and physical appliances and software scope;
- Integrity control over hypervisor configuration files, mission-critical libraries, and data files.
The compliance policies are based on Security Hardening Guides and other best practices.
Thanks to its integrity control function, SmartScan can detect and notify of any unauthorized modifications in configuration files, folders, registry branches, or critical data files, and can thus complement antiviruses in combating zero-day vulnerabilities, which are capable of replacing system files or adding their own files. When activated, the control mode checks master file integrity at preset intervals and sends follow-up notifications of even minor changes.
The scanner can block a file from running if an integrity breach is detected in an executable file or utility library, which makes SmartScan an ideal choice for information systems that are subject to stricter security requirements.
With the Control function, a company automatically monitors any system changes, such as encountered vulnerabilities, changed security settings, missing updates, file integrity, scope of hardware, software, etc. An admin only has to record a desktop master state, and SmartScan will periodically check for even minor changes and push relevant notifications.
You can do a range of network checks, including open ports, protocols in use, network services, etc., with minimum privileges required to receive the findings.
SmartScan can assess DBMS and OS password strength through cracking by dictionary or password hashes.
The scanner can send the scan result notifications to a preset email address.
The scan findings are kept in an assessment history and can be exported to PDF and CSV. The reports can be generated in either simple or incremental form, thus making it possible to track and document any system changes. For quick event search, the scanner can filter events by date, time interval, check type, status, host name and number.
The scan findings can be retained in the assessment history or as PDF reports. The reports can be presented in either simple or incremental form, thus facilitating the tracking of any changes (new vulnerabilities, unauthorized software or hardware installations). For quick event search, the software can filter events by date, time interval, check type, status, host name or number. Being generated in PDF, the reports can thus be exported to any text format supported by Adobe Acrobat or similar programs.
SmartScan can be deployed either on your own hardware or in a virtualization environment. It can be managed and updated using a web interface and it integrates with popular monitoring tools.