Guest post from Emmanuel Carabott of GFI Software Ltd.
Whenever someone does research on the best methods to secure a company’s network, they are sure to come across articles recommending network scanners. But what value do network scanners really provide any organization?
Network scanners generally provide two distinct important functionalities – information gathering on the network they’re scanning and information on any security issues found on that network.
Information on the network
Administrators need to keep up with the constant changes made to the network. Some might see change management as unnecessary, but it is an essential part of keeping a network in excellent shape. There are various reasons why administrators would want to know what software and hardware is running on their network, but the main ones are security and the need to make sure that the changes administrators make will not cause conflicts within the existing network infrastructure. When new software is installed, or an existing installation is updated through patching, certain configurations can make the system unusable (blue screens, for example) or unstable. To prevent this, the administrator should keep a test environment that mirrors the network, where these changes are tried before they’re pushed onto the live server. If users install new software on their systems without notifying the administrator, the test environment will not match the current network, so any pre-deployment tests will be inconclusive and not a true reflection of the current status.
Some hardware can pose a security risk to the network. It is imperative that administrators are immediately notified when a new device is connected to the network so that they can determine if there is a real risk to the company. The company’s security policy might specify that the administrator must be notified before any new hardware is connected to the network but that alone does not guarantee employee compliance. A network scanner, however, can periodically monitor the network for changes and notify the administrator as these happen.
Security issues on the network
A network scanner will also look for a number of security issues on the network it is scanning.
These generally include:
- Vulnerabilities
- Missing patches
- Unwanted open ports
New vulnerabilities affecting the network can arise on a daily basis, often because configurations change, new exploits are discovered, or new software is installed on the network. For these reasons alone, an administrator needs a network scanner that can monitor the network for any vulnerability on a regular basis.
Next on the list is patch management. Vendors continuously fix security issues in their software and then release patches for the end user to install. Keeping track of all released patches manually can be a daunting task, but a network scanner helps the administrator stay on top of the problem and apply any patches that are required.
Finally, there are applications that communicate through the internet, such as web servers, which open ports for others to connect to. Every open port is a potential security risk because malicious persons will try to find exploits in these connections. It is highly recommended that ports not in use be closed immediately. An administrator should be informed as soon as a new port is opened on a network machine. This usually happens when an employee has installed a new application or because of a malware infection. Since the network administrator cannot be everywhere or see everything happening on the network all the time, a network scanner is an essential tool.
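The change monitoring described above (a new device appearing, a new port opening) comes down to comparing each scan against a known-good baseline. The following is an added example, not code from the original post or from any GFI product; it assumes scan results are saved in nmap's grepable (`-oG`) output, and the hosts and ports are constructed sample data.

```python
import re

# Constructed sample scans in nmap grepable (-oG) layout; addresses are from
# the RFC 5737 documentation range, not a real network.
BASELINE = """\
Host: 192.0.2.10 (web01)\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///
Host: 192.0.2.20 (db01)\tPorts: 22/open/tcp//ssh///, 5432/open/tcp//postgresql///
"""
CURRENT = """\
Host: 192.0.2.10 (web01)\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///, 8080/open/tcp//http-proxy///
Host: 192.0.2.20 (db01)\tPorts: 22/open/tcp//ssh///, 5432/closed/tcp//postgresql///
Host: 192.0.2.77 ()\tPorts: 3389/open/tcp//ms-wbt-server///
"""

# Host address, optional name in parentheses, then the Ports field (tab-delimited).
HOST_RE = re.compile(r"^Host:\s+(\S+)\s+\(.*?\)\s+Ports:\s+([^\t]*)")

def parse_inventory(text):
    """Return {host: set((port, proto))} for ports reported as open."""
    inventory = {}
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # comment lines and status-only lines carry no port data
        host, ports_field = m.groups()
        open_ports = inventory.setdefault(host, set())
        for entry in ports_field.split(","):
            fields = entry.strip().split("/")  # port/state/proto/owner/service/...
            if len(fields) >= 3 and fields[1] == "open":
                open_ports.add((int(fields[0]), fields[2]))
    return inventory

def diff_inventories(baseline, current):
    """List the changes an administrator should be notified about."""
    alerts = []
    for host in sorted(current.keys() - baseline.keys()):
        alerts.append(("new-host", host, sorted(current[host])))
    for host in sorted(baseline.keys() - current.keys()):
        alerts.append(("missing-host", host, sorted(baseline[host])))
    for host in sorted(current.keys() & baseline.keys()):
        for kind, ports in (("port-opened", current[host] - baseline[host]),
                            ("port-closed", baseline[host] - current[host])):
            if ports:
                alerts.append((kind, host, sorted(ports)))
    return alerts

if __name__ == "__main__":
    for kind, host, ports in diff_inventories(parse_inventory(BASELINE), parse_inventory(CURRENT)):
        print(f"{kind:13} {host:12} {ports}")
```

Run on a schedule with the previous approved scan as the baseline, the alert list is what would be mailed or ticketed to the administrator.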
A network scanner is a very useful tool for an administrator, making his life a lot easier. Having a ‘virtual consultant’ is a much better option than having to check each and every machine manually.
Companies that use network scanners will save time and money, while administrators can focus on more important issues that require manual intervention. Why add more work when tasks can be automated using a network scanner?
This guest post was provided by Emmanuel Carabott on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. Read more on the importance of using a network scanner.