ApplianSys launches AUDITBOX to pre-empt network attack

By ApplianSys , April 25, 2006

ApplianSys today announced general availability of its network Vulnerability Assessment (VA) appliance, AUDITBOX200. Combining the proven capabilities of the Pansec Vulnerability Scanner with the inherent security of the appliance format, AUDITBOX employs non-invasive techniques to discover vulnerable devices on a network that could pose a risk to malicious activity.

"Network vulnerability-assessment is an essential companion to Firewalls, Intrusion Detection Systems and Anti-Virus solutions in delivering cohesive network security. By knowing what assets hackers can exploit on their networks, Network Managers can block points of attack before they occur," explains Mike Clark, CEO of ApplianSys.

"Unlike some vulnerability assessment solutions, all testing, analysis and reporting happen on the AUDITBOX behind the customer's firewall. Confidential vulnerability data stays on-site and in the customer's control," continues Clark.

Utilising tried and tested software from technology partner Pansec, ApplianSys has developed AUDITBOX to fully automate regular Vulnerability Assessment for large numbers of IP addresses. This allows assessment to be performed on hundreds or even thousands of addresses on a daily or weekly basis, with minimal overhead. It includes a full change analysis for each address, summarized to allow large numbers of systems to be monitored without having to read endless individual reports.

AUDITBOX automates, on a 'set and forget' basis, regular scheduling and distribution of test profiles. Depending on what is found, further tests will be run to gather as much data as is possible, before analysing this data offline. Consequently each system is checked only once, and each piece of data is read only once, rather than working down a list of known vulnerabilities retesting services repeatedly. Bandwidth usage is kept to a minimum and various combinations of intensive initial testing and thorough retesting profiles allow this to be reduced further.

Data is analysed offline against a combination of PanSec's own Exposure Database, the SANS institute alerts and Security Focus's Vulnerability Database. Full change analysis is then performed against the selected baseline for each address, which reports any vulnerabilities, services or ports that have appeared or disappeared. This report can be used to harden a system or reconfigure a firewall if vulnerabilities are identified. Subsequent reports will confirm if changes have been effective. Once a system is sufficiently hardened and the report is acceptable, a baseline can be set for that address ensuring subsequent reports only indicate any variation from that baseline.

"AUDITBOX200 is the first in a range of vulnerability assessment models from ApplianSys. Upcoming products include AUDITBOX300 for much larger enterprises and AUDITBOX100 dedicated test server. By combining the power of AUDITBOX300 with AUDITBOX100, larger organisations will be able to view vulnerabilities in more of the network more cost effectively," adds Clark.

Pan Security International is a leading provider of enterprise-class vulnerability and risk management solutions, developing and deploying security testing applications in the area of remote IP vulnerability and exposure analysis. PanSec's independent and impartial services complement existing security solutions, giving constant reassurance that active security measures are configured and operating correctly. For further information, visit: www.pansec.com.