Security scanning for small to midsized networks
BindView’s bv-Control for Internet Security 3.0 is a high-end security-management product designed to be your small to midsized network’s first line of defense against security breaches. BindView has built bv-Control for Internet Security on the battle-proven architecture of its bv-Control network-management suite.
The software ships on one CD-ROM, and the documentation is in PDF format. When you first insert the CD-ROM, an auto-run file launches an HTML-based installation guide that lets you browse a quick overview of the product, check out system requirements, and read the program’s documentation during the Setup process.
Installing bv-Control for Internet Security requires domain administrator privileges—if you plan to scan more than just your local machine. Because you have the option of installing the product as a local scanner, the Setup program prompts you for an appropriate user account. You can use a domain administrator account, a domain user account, or a local administrator account to configure the software. The distinction between domain administrator and domain user is that the former gives you full access to the entire domain, whereas the latter restricts you to scanning only the systems for which you have the proper credentials within the domain. I planned to scan my entire network, so I chose to use a domain administrator account. After the software passed the proper credentials to the Setup program, bv-Control for Internet Security was ready to run.
The software fits within the Microsoft Management Console (MMC) framework, which provides a familiar UI to your management suite. The two-pane interface displays product components in the left pane and details in the right pane. The UI was self-explanatory, so I dived straight into the heart of the software and began configuring the system for my network.
The product’s New Scan Wizard simplifies the process of selecting network devices and configuring scans. Surprisingly, the alternative method—manually adding systems and configuring the scanning process—is almost as simple as using the wizard. To satisfy my inner power user, I opted for the manual method.
I started by entering my network’s subnet mask into the software’s Targets folder. This procedure initiated an auto-discovery process that searched the subnet for the individual IP address of each machine on the network. This feature pleased me because I run a mix of Windows 2000 Server, Win2K Professional, Windows NT Server 4.0, OpenBSD, and Linux machines, and I never pay much attention to each system’s IP address. To help you separate the computers into groups, the auto-discovery process interrogates each OS’s TCP/IP stack and returns an OS name and version.
After the software finished interrogating the machines and adding them to bv-Control for Internet Security’s Targets folder, I started grouping the computers into categories. As Figure 1 shows, I based each group on the role of the systems in question. I then began running the product’s predefined scans. By default, bv-Control for Internet Security includes six security checks:
- Normal Security Check—Looks for security holes that are common to most systems.
- All Security Checks—Interrogates your systems for every imaginable security hole. This option is the most thorough and comprehensive check that the software offers.
- Latest Update Security Check—Scans only for holes that the latest RapidFire Update informs the software about.
- Password Cracker—Compares your systems’ password files against a word list and dictionary file to decipher weak passwords.
- Quick Security Check—Quickly discovers the most severe security holes when you’re pressed for time.
- SANS Priority One Security Check—Probes through your systems using the SANS Institute’s Priority One List or Top Ten List of Security Threats as its criteria.
Previous
