
best network vulnerability scanner solution for Cisco environment !?

mohammed hashim
Level 1

Hi,

I would like to know from your experience what is the best vulnerability assessment scanner solution for the network appliances, especially for Cisco devices?

thanks,

1 Reply

Marvin Rhoads
Hall of Fame

A human being.

Vulnerability scanners generally look for open tcp and udp ports. Say a Cisco switch only allows ssh (tcp/22) and restricts that via ACL on the vty line.

A typical vulnerability scanner may say that device is very secure. Never mind that your IOS is subject to lots of security-related bugs that may manifest if you enable any other services in the future (ntp, snmp, https etc.). Never mind that you aren't sending syslogs anywhere and if you are you have no people actually analyzing the received data. Never mind that you don't have any network access control (a la 802.1x and/or ISE) and therefore your switch is just an open invitation for intruders to connect to your network.

Get my point?
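
Added example, not part of the original reply: a small configuration audit that checks an IOS running-config for the items the reply lists (vty ACL and transport, a remote syslog destination, global 802.1X, and which optional services are enabled), none of which a port scan reports. The sample config, the check names and the helper functions are constructed for illustration.

```python
import re

# Constructed sample running-config (not from the original thread).
SAMPLE_CONFIG = """\
hostname sw-access-01
no ip http server
snmp-server community examplestring RO
!
line vty 0 4
 access-class MGMT in
 transport input ssh
line vty 5 15
 transport input telnet ssh
!
end
"""

def blocks(config, header_re):
    """Yield (header, [indented child lines]) for matching top-level sections."""
    lines = config.splitlines()
    for i, line in enumerate(lines):
        if re.match(header_re, line):
            body = []
            for child in lines[i + 1:]:
                if not child.startswith(" "):
                    break
                body.append(child.strip())
            yield line.strip(), body

def audit(config):
    """Return findings a port scan cannot see, as (check, detail) tuples."""
    findings = []
    for header, body in blocks(config, r"line vty "):
        if not any(re.match(r"access-class \S+ in\b", b) for b in body):
            findings.append(("vty-acl", f"{header}: no inbound access-class"))
        if "transport input ssh" not in body:
            findings.append(("vty-transport", f"{header}: not restricted to ssh"))
    if not re.search(r"^logging (host )?\d+\.\d+\.\d+\.\d+", config, re.M):
        findings.append(("syslog", "no remote syslog destination"))
    if not re.search(r"^dot1x system-auth-control", config, re.M):
        findings.append(("dot1x", "802.1X not enabled globally"))
    for svc, pat in (("snmp", r"^snmp-server community"), ("ntp", r"^ntp server"),
                     ("https", r"^ip http secure-server")):
        if re.search(pat, config, re.M):
            findings.append(("service", f"{svc} enabled: check IOS advisories"))
    return findings

for check, detail in audit(SAMPLE_CONFIG):
    print(f"{check}: {detail}")
```

A configured syslog destination only shows that logs leave the device; whether anyone analyzes them is outside what a config check can tell you.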
