BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Call it Genius. Our Smart Groups Make Vulnerability Management Simple for Security Teams

Posted April 20, 2012    Morey Haber

eEye R&D has been hard at work on optimizing how our enterprise clients can manage and schedule assessments within Retina CS. These efforts will increase the efficiency of how our clients perform assessments across their IT infrastructure – be it their traditional server or desktop assets, or new technologies like mobile, virtual and cloud.

In a typical environment, regardless of vulnerability management tool, scan jobs are typically performed against a range of assets, address groups, or some other type of device collection or site location. If assessments are required across multiple groups, typically the user has to schedule multiple jobs or build containers that contain all of the corporate assets. Scanning these large groups can take a long time, be potentially too large for a single scan engine to process in one job, and produce a report (if it doesn’t time-out or crash first) that is tens of thousands of pages long. It is not common for a company with over 100,000 assets to truly scan all their devices. They just do not have the scanning infrastructure, manpower to schedule all the jobs, and personnel to handle the plethora of data. This is where eEye differs and excels in meeting enterprise vulnerability and threat management.

Retina CS employs called Smart Groups to build a collection of assets. These can be anything from address groups, to patterns contained in host-names, Active Directory queries, and even what software was detected on a host during previous scans. Smart Groups can also be built as parent objects referencing Child Groups. That is, the parent group can reference other Smart Groups and build a super set of all the data for role based access, alerting, and now job scheduling and reporting. If you’ve ever used the Smart Playlist function in iTunes, you’re already trained on how to build Smart Groups within Retina CS.

Consider an environment that has Smart Groups for locations or even business units. These are typically deployed as Smart Groups referencing the city, building, or business function. If you build a new group at the higher level that references all of these children by state, campus, or even business division then you have create a new logical parent. In Retina CS, you can now schedule a job at the parent level that will automatically be distributed to all children and honor key Smart Group settings like Scanner Locking or round robin scanner pooling for load balancing and rapid assessment of large IP ranges using multiple scanners simultaneously.

In terms of enterprise job scheduling, once the parent is built, it only takes 4 mouse clicks (yes, 4) in the Retina CS UI to perform and assess across the entire enterprise using distributed scan engines, scan pools, and fixed scanners that are dedicate to specific address spaces or locations! And, using Retina Insight, our unique Heat Maps can reduce the report into a few pages that can tell you which vulnerabilities are causing the highest risks and if mitigated, how your environment would change for the better!

No other solution is taking this approach to enterprise vulnerability management. eEye is the only vendor working to make  job scheduling, reporting, and threat intelligence simple for the IT security team, as well as for executives,  to understand the risks they face.

For more information on how Retina CS can help you today, please contact our sales team at sales@eeye.com. Our customer success engineers would love to show you how the next generation of Threat Management Solutions can solve problems with your enterprise scanning requirements.

Tags:
, , , , , ,

Additional articles

Integrating Least Privilege and Password Management to Solve Account Security Challenges

Integrating Least Privilege and Password Management to Solve Account Security Challenges

Posted July 24, 2014    Morey Haber

There is a reason all BeyondTrust Privileged Account Management (PAM) solutions share the PowerBroker name: They all inherently enable you to reduce user-based risk and can be integrated under a centralized IT risk management platform. Here’s one common use case that demonstrates how this integration changes the playing field. Consider the challenge of privileged access:…

Tags:
, , , , ,
PowerBroker Password Safe Password Age Report

Reshaping Privileged Password Management with Password Safe 5.2

Posted July 21, 2014    Martin Cannard

Today, we’re pleased to unveil the latest edition of our privileged password management solution, PowerBroker Password Safe. I’ll start with a brief intro of what’s new and then tell you a little about the driving factors behind Password Safe development. New features for mitigating password risk and ensuring accountability enterprise-wide Here’s the 10,000-foot overview of…

Tags:
, , ,
PowerBroker for Windows tamper protection

PowerBroker for Windows 6.6 Tamper Protection

Posted July 18, 2014    Morey Haber

I have a bone to pick: Stopping an administrator from performing an action on a system is futile endeavor. As an administrator, there is always a way to circumvent a solution’s from tampered protection. Really! By default, Windows administrators have unrestricted access to the system – and even though an application, hardened configuration, or group policy…

Tags:
, ,