QualysGuard Intranet Scanner

The Security Industry’s First Appliance Designed to Assess Network Vulnerabilities Inside the Firewall

QualysGuard has long been the security industry’s most advanced vulnerability management solution, enabling IT management to proactively prevent network intrusions at the perimeter. With QualysGuard Intranet Scanner, Qualys also protects enterprises when the threat comes from within the internal network. QualysGuard Intranet Scanner is the first network appliance for internal vulnerability assessment and resolution. Combined with QualysGuard, the Intranet Scanner provides network administrators with an integrated, centralized interface for managing both internal and external network vulnerabilities.

External network intrusions from increasingly sophisticated and malicious hackers, worms, and trojans are well-known; however, organizations find that they are even more vulnerable to internal threats. Referencing the industry’s most comprehensive and up-to-date vulnerability KnowledgeBase, Intranet Scanner audits internal hosts, servers, and other devices on the network—such as wireless access points, modems, printers, and VPNs —and alerts network managers to exposures and recommended remedies before they are exploited.

The most advanced, easy to administer, automated solution, QualysGuard provides a complete, integrated vulnerability assessment solution with Intranet Scanner. Designed to inherit all the capabilities of the rich QualysGuard vulnerability assessment platform, Intranet Scanner communicates directly with Qualys’ data center, securely over the Web. Using a simple Web application from their Web browsers, subscribers are provided with a unified, centralized view of external and internal vulnerabilities across their enterprises, as well as the ability to:

• Run unlimited vulnerability assessments, pre-scheduled or on-demand, from any Web browser, 24 x 7.

• Visually map network topology, often identifying rogue systems or misconfigurations.

• Detect vulnerabilities, analyze risk exposure, link to remedies, and validate resolution.

• Automatically reference, in real-time, a daily-updated KnowledgeBase with thousands of vulnerability signatures covering over 300 applications on more than 20 different platforms.

• Create and distribute concise, integrated, custom reports with intranet and Internet findings, and track security trends.

• Group IPs into logical sets by geography or function for scheduling, reporting, and workflow analysis.

• Scale cost-effectively from single IP networks to virtually unlimited size networks.

Just minutes after performing three easy setup steps—(1) power on, (2) connect to the network, and (3) enter QualysGuard username and password—subscribers can begin assessing their networks for vulnerabilities. A "headless" appliance, Intranet Scanner requires no external keyboard or monitor for configuration and operation; setup is achieved through the front-mounted keypad and the Qualys Web site. Intranet Scanner requires no network or firewall policy modifications, enabling users to get up and running in minutes.

Leveraging proven Internet infrastructure and communication protocols, Intranet Scanner initiates HTTPS-protected outbound communications with the Qualys data center. Adding to Intranet Scanner’s communication security is its specially-hardened operating system, which accepts no inbound connections and can only be accessed via the appliance’s front-panel keypad. Scanning engine and vulnerability signature updates are performed automatically and transferred employing multiple layers of security, including encryption and digital signatures.

• 24 x 7 automated network mapping and vulnerability scanning.

• Automatic, daily vulnerability signature and scanning engine updates.

• Customized reporting integrated with the QualysGuard service.

• Secure network appliance with hardened operating system.

• Complete vulnerability lifecycle management.