BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Call it Genius. Our Smart Groups Make Vulnerability Management Simple for Security Teams

Posted April 20, 2012    Morey Haber

eEye R&D has been hard at work on optimizing how our enterprise clients can manage and schedule assessments within Retina CS. These efforts will increase the efficiency of how our clients perform assessments across their IT infrastructure – be it their traditional server or desktop assets, or new technologies like mobile, virtual and cloud.

In a typical environment, regardless of vulnerability management tool, scan jobs are typically performed against a range of assets, address groups, or some other type of device collection or site location. If assessments are required across multiple groups, typically the user has to schedule multiple jobs or build containers that contain all of the corporate assets. Scanning these large groups can take a long time, be potentially too large for a single scan engine to process in one job, and produce a report (if it doesn’t time-out or crash first) that is tens of thousands of pages long. It is not common for a company with over 100,000 assets to truly scan all their devices. They just do not have the scanning infrastructure, manpower to schedule all the jobs, and personnel to handle the plethora of data. This is where eEye differs and excels in meeting enterprise vulnerability and threat management.

Retina CS employs called Smart Groups to build a collection of assets. These can be anything from address groups, to patterns contained in host-names, Active Directory queries, and even what software was detected on a host during previous scans. Smart Groups can also be built as parent objects referencing Child Groups. That is, the parent group can reference other Smart Groups and build a super set of all the data for role based access, alerting, and now job scheduling and reporting. If you’ve ever used the Smart Playlist function in iTunes, you’re already trained on how to build Smart Groups within Retina CS.

Consider an environment that has Smart Groups for locations or even business units. These are typically deployed as Smart Groups referencing the city, building, or business function. If you build a new group at the higher level that references all of these children by state, campus, or even business division then you have create a new logical parent. In Retina CS, you can now schedule a job at the parent level that will automatically be distributed to all children and honor key Smart Group settings like Scanner Locking or round robin scanner pooling for load balancing and rapid assessment of large IP ranges using multiple scanners simultaneously.

In terms of enterprise job scheduling, once the parent is built, it only takes 4 mouse clicks (yes, 4) in the Retina CS UI to perform and assess across the entire enterprise using distributed scan engines, scan pools, and fixed scanners that are dedicate to specific address spaces or locations! And, using Retina Insight, our unique Heat Maps can reduce the report into a few pages that can tell you which vulnerabilities are causing the highest risks and if mitigated, how your environment would change for the better!

No other solution is taking this approach to enterprise vulnerability management. eEye is the only vendor working to make  job scheduling, reporting, and threat intelligence simple for the IT security team, as well as for executives,  to understand the risks they face.

For more information on how Retina CS can help you today, please contact our sales team at sales@eeye.com. Our customer success engineers would love to show you how the next generation of Threat Management Solutions can solve problems with your enterprise scanning requirements.

Tags:
, , , , , ,

Additional articles

CyberResiliency

6 things I like about Gartner’s Cyber Resiliency Strategy

Posted August 27, 2015    Nigel Hedges

There were 6 key principles, or recommendations, that Gartner suggested were important drivers towards a great cyber resiliency posture. I commented more than once during the conference that many of these things were not new. They are all important recommendations that are best when placed together and given to senior management and the board – a critical element of organisations that desperately need to “get it”.

Tags:
,
powerbroker-difference-1

Why Customers Choose PowerBroker: Flexible Deployment Options

Posted August 26, 2015    Scott Lang

BeyondTrust commissioned a study of our customer base in early 2015 to determine how we are different from other alternatives in the market. What we learned was that there were six key differentiators that separate BeyondTrust from other solution providers in the market. We call it the PowerBroker difference,

Tags:
, ,
Mac-Security-Enterprise

On Demand Webinar: Security Risk of Mac OS X in the Enterprise

Posted August 20, 2015    BeyondTrust Software

In the last several years, Mac administrators have come to realize that they may be just as vulnerable to exploits and malware as most other operating systems. New malware and adware is released all the time, and there have been serious vulnerabilities patched by Apple in the past several years, some of which may afford attackers full control of your systems.

Tags:
, ,