Scalability and Flexible Deployment

The systems and network infrastructure of each organization are distinct. NVM provides you scalable and flexible deployment option based on the requirement (volume of scanned IP’s). To increase the speed and accuracy of your assessments, the ability to optimize your VMS according to the specific needs of your organization is very important. As your organization develops, your VM solution should be able to grow quickly and easily just by adding scan engines to your current deployment at minimal or no additional cost. NVM helps to scale your VM simply by adding Scan engines to your current deployment, and additionally, it helps you to configure the concurrent Scan Plugins and Number of hosts with respect to a single scan.

Prioritization

NVA dashboard and reports offer a granular representation of vulnerabilities with respect to the CVSS and also provides the total risk scenario for any scan. It also provides statistical data based on days/month/year in a real-time dashboard. False positive function is also provided as a temporal metric for Vulnerabilities which are accepted risk scenarios by the organization and can be defined in the range of Low/Medium/High/Log/False Positive. NVA also provides host tagging, which is available based on Owner/Groups wherein, the criticality levels can be defined that will publish the priorities based on the final score in a report. NVA also provide our own internal threat intelligence gathering, which can be prioritized based on their criticality level.

Internal and External Scanning

The only reason, NVA suggest using both internal and external vulnerability scan is to understand the scope of vulnerabilities inside and outside your organization, as threats can emanate from anywhere. The internal scan assesses your network security from inside your firewall, which can be both with/without credentials. The external scan is performed remotely from outside, which is normally non-credential/unauthenticated scans.

Credential Management for Authenticated Scans

An authenticated Scan scans the target network from both, external via the network and from the internal via a valid user login. NVA provides an SNMP authentication scan which mostly scans network devices, SMB authentication scans which checks the patch level and locally installed software for Windows, SSH authentication scans which checks for patch-levels on UNIX- and Linux-based systems, and ESXi authentication scans which tests the VMware ESXi servers locally.

Reporting

The reports are automatically sent as an email attachment once the scan is completed. Reports are available in different format such as HTML, PDF, TXT, RTF, and XML. These reports are interactive by nature when viewed on the NVA console. Reports generated in XML formats make it possible to integrate reports with third-party software like SIEM, CRM Analyzers, and more. Reports generated in CSV format can be exported as XLS, where further filtering such as Severity, Software, protocol, and many more can be done. Remediation report validation can be done by re-scanning the whole network or system. NVA helps you to customize your reports according to the specific need of the organization, for example, based on tagged asset groups, severity, and many more.

Compliance and Configuration Assessment

An authenticated Scan scans the target network from both, external via the network and from the internal via a valid user login. NVA provides an SNMP authentication scan which mostly scans network devices, SMB authentication scans which checks the patch level and locally installed software for Windows, SSH authentication scans which checks for patch-levels on UNIX- and Linux-based systems, and ESXi authentication scans which tests the VMware ESXi servers locally.

Remediation

Combine patch management capabilities of your patch management system with the scan data from NVA, and apply patches to vulnerable assets without delay. Use NVA to Verify High Severity Vulnerabilities and patch or fix them without delay. Using Remediation Projects you can build dynamic projects that track vulnerabilities related to Microsoft patches as they are identified in your environment. NVA allows you to report the vulnerability based on various options such as CVSS, Scan plugins, Port/Protocol/Services, and Patches like OS patches, application patches, and more. For example, Using patch option NVA can leverage credentials for the patch management systems to perform patch auditing on systems for which credentials may not be available to the NVA scanner. Scan plugins are tested against the host and NVA display the data reports gathered from Scan plugins.
NVA not only helps in identifying the risk but also prioritizes the risk and provide a remediation plan. This remediation plan is then automatically sent to the owner so that the risk is prevented as and when identified. It also helps to identify weak points in the remediation workflow to identify the problems and tracks your progress.

Management and Administration

NVA Dashboards are interactive by nature and provide specialized views of your network in a customizable and drag-and-drop interface along with the real-time data. You can add, delete, and move the dashboard according to your preferences, and choose the order in which they should appear in the module. NVA use components such as Scan Display, Asset Display, SecInfo Display and many more to generate multiple dashboards.
NVA allows you to configure and manage different users with different sets of roles and permissions. The administrator is being created by default and is allowed to login and manage the additional users. NVA user management supports to create role-based users who have permission to view and modify the web interface, to assign the read and write access to the user separately, and to create groups. You can configure users who can access and login into the management console using LDAP and TNS integration. This is because if LDAP service at some becomes unavailable you can still login into the console using TNS authentication. You can perform functions based on roles, groups, and asset using LDAP and TNS authentication according to the organization needs.

Data Filtering Options

Asset data can be filtered by state (active/inactive), asset tags, service names, open ports, and service protocols. When dealing with a large number of network assets, it is necessary to filter out the assets on specific conditions or subsets. This helps you to focus your remediation efforts and to handle the assets running on a complex or distributed network. For example, you could build filters for a given IP address range, or a particular site, and then combine these filters to return a list of all the assets that meet the specified criteria. NVA provide a large number of search filters based on host, service and software names, CVE ID, IP address, PCI compliance status, and others.

Logging and Monitoring: (SIEM integration will be releasing soon)

NVA Dashboards are interactive by nature and provide specialized views of your network in a customizable and drag-and-drop interface along with the real-time data. You can add, delete, and move the dashboard according to your preferences, and choose the order in which they should appear in the module. NVA use components such as Scan Display, Asset Display, SecInfo Display and many more to generate multiple dashboards.
NVA allows you to configure and manage different users with different sets of roles and permissions. The administrator is being created by default and is allowed to login and manage the additional users. NVA user management supports to create role-based users who have permission to view and modify the web interface, to assign the read and write access to the user separately, and to create groups. You can configure users who can access and login into the management console using LDAP and TNS integration. This is because if LDAP service at some becomes unavailable you can still login into the console using TNS authentication. You can perform functions based on roles, groups, and asset using LDAP and TNS authentication according to the organization needs.

Dashboard Data Sources

NVA combine the information from the Scan plugins, CVE (Common Vulnerability and Exposures), and the CERT and displays real-time data easily in the web interface in dashboards. It displays the data on the dashboard based on the data gathered from the Scan plugins. NVA has a long list of vulnerabilities which is linked to relevant groups like Mitre and other CVE Numbering Authorities and uses them for further visibility.

Logging and Monitoring: (SIEM integration will be releasing soon)

NVA Dashboards are interactive by nature and provide specialized views of your network in a customizable and drag-and-drop interface along with the real-time data. You can add, delete, and move the dashboard according to your preferences, and choose the order in which they should appear in the module. NVA use components such as Scan Display, Asset Display, SecInfo Display and many more to generate multiple dashboards.
NVA allows you to configure and manage different users with different sets of roles and permissions. The administrator is being created by default and is allowed to login and manage the additional users. NVA user management supports to create role-based users who have permission to view and modify the web interface, to assign the read and write access to the user separately, and to create groups. You can configure users who can access and login into the management console using LDAP and TNS integration. This is because if LDAP service at some becomes unavailable you can still login into the console using TNS authentication. You can perform functions based on roles, groups, and asset using LDAP and TNS authentication according to the organization needs.

Dashboard Data Sources

NVA combine the information from the Scan plugins, CVE (Common Vulnerability and Exposures), and the CERT and displays real-time data easily in the web interface in dashboards. It displays the data on the dashboard based on the data gathered from the Scan plugins. NVA has a long list of vulnerabilities which is linked to relevant groups like Mitre and other CVE Numbering Authorities and uses them for further visibility.

Container Assessment: (This feature will be releasing soon)

NVA VMS will identify and prevent vulnerabilities throughout the entire application lifecycle while prioritizing risk. It will help the developers to integrate VM into their CI process, while security teams want to continuously monitor, identify, and prevent risks to all the containers, images, and hosts in their infrastructure.

Alerting Actions

NVA identifies thousands of threats from the endpoints of the network by constant monitoring. However, huge numbers of activities are not serious threats but will cause alarm or set off alerts, which help security teams to proactively be alerted about potential threats so problems can be tackled before turning into breaches. Alerts can be customized according to the need of the user depending upon the risks such as open ports, SSL certificates, and unwanted services and software. You can define different groups for different sets of alerts, and you can design individual alerts over different time frames.

Agent-based Scanning: (Agent-based solution will be releasing soon)

NVA, for now, provides the agentless solution. In the near future, NVA agent-based solution will be well suited for performing power management tasks. Agents need to be easy to install and lightweight so as not to take up much network bandwidth. This is ideal for distributed networks with remote locations that have limited bandwidth, based on pull technology. It will enable in-depth scanning of a system without providing system credentials, and it performs patch management and asset management tasks on disconnected machines.

Passive Vulnerability Scanner

NVA PVS plugin is an exclusive network discovery and vulnerability testing software that delivers real-time network profiling and monitoring for constant and continuous assessment of an organization’s security demeanor in a non-intrusive manner. It continuously monitors the assets, such as servers, desktops, laptops, network devices, web apps, virtual machines, mobile, tablets, cloud-based assets, and more, that use IP protocol to determine topography, services, and vulnerabilities. It also tracks the network changes within your organization’s infrastructure. NVA provides OS fingerprinting, Service fingerprinting, database password management, and more configuration (Limited Configuration) for Windows platform is currently available. NVA inbuilt Passive Vulnerability Scanner has a capability that will allow you to provide the discovery and the network topology.

Audit Policy Management

Performing regular audits of configuration settings on your assets may be necessary for your organization. You may need to verify that your assets meet a specific set of configuration standards such as USGCB 2.0 policies, USGCB 1.0 policies, FDCC policies, CIS benchmarks.

Discovery

Before you start scanning the network, you should know what assets you have so that you can manage the risk easily. Nemasis helps you to provide a range of IPs to scan them using Host Discovery Scan option and also asset can be tagged to owner/groups.

Integration: (Hybrid, that is, agent-based will be releasing soon)

The virtual and cloud asset’s risk to safeguard the environment is identified and assessed dynamically by our NVA on-premise solution. While NVA hybrid solution has the capabilities to perform the host scanning with the help of access levels granted by the cloud services provider. NVA integrate with Syslog, Splunk, and other orchestration tools which allow organizations to analyze, search, monitor, and visualize big data coming from websites, networks, sensors, applications, servers, and mobile assets. NVA will also integrate with the enterprise ticketing system and RESTful APIs, which can be custom configured according to the organization’s specific need.