Comodo offers SaaS Vulnerability Scanning for internal networks

(22/09/2009)

Merchants who accept payment cards such as credit cards are required to scan their networks at certain periods, checking for breaches in security. Previously, internal network scans required dedicated hardware, run by an onsite employee.

Comodo has introduced vulnerability scanning for internal networks in the cloud. This is available with the newest release of its product HackerGuardian™. With HackerGuardian, businesses can now run remote scans of their internal and external networks using the same software. A lightweight bootable agent installed on one of the local network nodes can be activated by an employee who may be located in another state, or even on another continent.

Merchants required to meet level 1, 2, or 3 of the Payment Card Industry Data Security Standards (PCI DSS) can now centralize the administration of their vulnerability scans. They can use one software tool to manage scans of both their internal and external networks.

HackerGuardian's Internal Scanning feature allows PCI DSS-compliant merchants to run vulnerability scans on computers located on a local area network. These computers are typically 'inside' the company's private network and are protected by a perimeter firewall or other network security device. In order to run an internal scan, the administrator must first run the HackerGuardian internal scanning agent on the local network.

Once installed and configured, this Agent will establish a secure connection to a HackerGuardian Access server which will in turn establish a secure communication channel (connection) to a HackerGuardian scanning server. The scanning server will then be able to connect to and run scans on the local computers located at the IP addresses that have been specified in the 'LAN Devices' area of the HackerGuardian interface. The Agent software is available as an ISO image (to create a Live CD) or as files (to create a Live USB stick). The scans can be run directly by booting the device through either the Live CD or the Live USB stick.

There are two main prerequisites to running an internal scan:
* The creation of a 'Local Device' as a target for the scans in the 'LAN Devices' area of the HackerGuardian interface. Local Devices are defined by one or more IP addresses.
* The internal scanning Agent has been installed on the local network to communicate with the HackerGuardian scanning servers via VPN connection.

"Comodo is proud to lead the vulnerability scanning industry with Hackerguardian Internal Scanning," said Melih Abdulhayoglu, Comodo's CEO. "We are committed to creating trust online and making it easier to communicate and transact over the Internet. With HackerGuardian Internal Scanning, merchants can concentrate on building their relationships with customers, instead of on fulfilling their regulatory requirements."

Related topics:  Computer and PC Security   Internet and Web security   Network Security 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources