1

GFI LANguard N.S.S VS NeWT Security Scanner

Presented by:Li,Guorui

2

Agenda

Features comparisonSystem requirementsInstallationLicensing TestingConclusion Reference

3

Features comparison

Flexible scanning Common Vulnerabilities and Exposures (CVE) compatible

Easy vulnerability database updates

Results Comparison

4

Features comparison (cont’)

GFI LANguard Network Security Scanner version 5.0 Automatically detect security vulnerabilities on

your network Provides in-depth information about all

machines/devices Patch management

NeWT vulnerability scanner version 2.1 Provides Dos Attack in addition to the standard

set of tests Intelligent port scanning

5

System requirements

GFI LANguard N.S.S Windows 2000/2003 or Windows XP Internet Explorer 5.1 or higher Client for Microsoft Networks must be

installed. NO Personal Firewall software or the

Windows XP Internet Connection Firewall can be running while doing scans. It can block functionality of GFI LANguard N.S.S.

To deploy patches on remote machines you need to have administrator privileges

6

System requirements(cont’)

NeWT Security Scanner Windows 2000/2003 or Windows XP A resident copy of Microsoft’s Internet

Explorer is required Client for Microsoft Networks must be

installed. To forge custom TCP/IP packets, NeWT uses

the WinPcap (http://winpcap.polito.it ) driver To deploy patches on remote machines you

need to have administrator privileges

7

Installation

GFI LANguard 60 days full evaluation or freeware version http://www.gfi

.com/downloads/downloads.asp?pid=8&lid=1

NeWT Freeware http://www.tenablesecurity.com/newt.html

8

Licensing

GFI LANguard

    Price     Price

up to 25 IPs LANSS25 $ 315 up to 250 IPs LANSS250 $ 795

up to 50 IPs LANSS50 $ 395 unlimited IPs * LANSSUNL $ 995

up to 100 IPs LANSS100 $ 495      

9

Licensing

NeWT Scanner Free Local network only NeWT Pro is for commercially use

($6000)

10

Testing environment

Server Intel Celeron 1.8 GHz 512 Mb of RAM Windows 2000 SP 4

Clients 2 Windows 2000 machines 2 Windows XP machines

11

Testing environment

Phase one Perform default vulnerability tests of

both software

Phase two Install patches, updates Rescan system again

Phase three Compare result comparison function

12

Test phase one result

13

14

15

Test phase one summary

Testing Items GFI LANguard NeWT Scanner

Total machine scanning 4 4

Scanning set Default Default

Total time 6-7 minutes 16-17 minutes

Total High vulnerability 8 29

Total Medium vulnerability

5 17

16

Test phase two result

GFI LANguard did not identify the software version correctly

Updated office 2000, SQL server 2000, WinAMP 5.05 / JRE/JDK 1.4.2_06

17

Test phase three result

18

19

Conclusion

GFI LANguard Fast Many extra features Buggy

NeWT scanner Powerful scanning ability Stable system performance A bit slow

20

Reference

http://www.tenablesecurity.com/newt.html

NeWT user manual  

http://www.gfi.com/languard/ 

GFI LANguard user manual

21

Questions