BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Call it Genius. Our Smart Groups Make Vulnerability Management Simple for Security Teams

Posted April 20, 2012    Morey Haber

eEye R&D has been hard at work on optimizing how our enterprise clients can manage and schedule assessments within Retina CS. These efforts will increase the efficiency of how our clients perform assessments across their IT infrastructure – be it their traditional server or desktop assets, or new technologies like mobile, virtual and cloud.

In a typical environment, regardless of vulnerability management tool, scan jobs are typically performed against a range of assets, address groups, or some other type of device collection or site location. If assessments are required across multiple groups, typically the user has to schedule multiple jobs or build containers that contain all of the corporate assets. Scanning these large groups can take a long time, be potentially too large for a single scan engine to process in one job, and produce a report (if it doesn’t time-out or crash first) that is tens of thousands of pages long. It is not common for a company with over 100,000 assets to truly scan all their devices. They just do not have the scanning infrastructure, manpower to schedule all the jobs, and personnel to handle the plethora of data. This is where eEye differs and excels in meeting enterprise vulnerability and threat management.

Retina CS employs called Smart Groups to build a collection of assets. These can be anything from address groups, to patterns contained in host-names, Active Directory queries, and even what software was detected on a host during previous scans. Smart Groups can also be built as parent objects referencing Child Groups. That is, the parent group can reference other Smart Groups and build a super set of all the data for role based access, alerting, and now job scheduling and reporting. If you’ve ever used the Smart Playlist function in iTunes, you’re already trained on how to build Smart Groups within Retina CS.

Consider an environment that has Smart Groups for locations or even business units. These are typically deployed as Smart Groups referencing the city, building, or business function. If you build a new group at the higher level that references all of these children by state, campus, or even business division then you have create a new logical parent. In Retina CS, you can now schedule a job at the parent level that will automatically be distributed to all children and honor key Smart Group settings like Scanner Locking or round robin scanner pooling for load balancing and rapid assessment of large IP ranges using multiple scanners simultaneously.

In terms of enterprise job scheduling, once the parent is built, it only takes 4 mouse clicks (yes, 4) in the Retina CS UI to perform and assess across the entire enterprise using distributed scan engines, scan pools, and fixed scanners that are dedicate to specific address spaces or locations! And, using Retina Insight, our unique Heat Maps can reduce the report into a few pages that can tell you which vulnerabilities are causing the highest risks and if mitigated, how your environment would change for the better!

No other solution is taking this approach to enterprise vulnerability management. eEye is the only vendor working to make  job scheduling, reporting, and threat intelligence simple for the IT security team, as well as for executives,  to understand the risks they face.

For more information on how Retina CS can help you today, please contact our sales team at sales@eeye.com. Our customer success engineers would love to show you how the next generation of Threat Management Solutions can solve problems with your enterprise scanning requirements.

Tags:
, , , , , ,

Additional articles

pbps-blog2

8 Reasons Your Privileged Password Management Solution Will Fail

Posted September 18, 2014    Chris Burd

Leveraging complex, frequently updated passwords is a basic security best practice for protecting privileged accounts in your organization. But if passwords are such a no-brainer, why do two out of three data breaches tie back to poor password management? The fact is that not all privileged password management strategies are created equal, so it’s critical…

Tags:
, , , , , ,
pbps-customer-campaign-image

You Change Your Oil Regularly; Why Not Your Passwords?

Posted September 11, 2014    Chris Burd

There are many things in life that get changed regularly:  your car oil, toothbrush and hopefully, your bed sheets.  It’s rare that you give these things much thought – even when you forget to change them. But what if you’re forgetting something that can cost you millions of dollars if left unchanged for long periods…

Tags:
, , ,

On-Demand Webcast: The Little JPEG that Could (Hack Your Organization) with Marcus Murray

Posted September 10, 2014    Chris Burd

IT security has come a long way, but every once in a while you see something that makes you think otherwise. Every day, internal and external hackers breach and traverse “secure” environments, making you wonder just how easy it is for attackers to completely compromise your network. In a new on-demand BeyondTrust webcast, Marcus Murray,…

Tags:
, , , , ,