You can't secure what you don't acknowledge.SM

Thursday, May 1, 2014

Running vulnerability scans over VPN connections

If you haven't yet, you'll likely run into a situation where you need to run vulnerability scans over a VPN connection (i.e. for remote office networks). Well, certain scanners won't scan over "raw sockets" - the underlying communication method for certain VPN connections. Other scanners can't even connect to a remote network at all because they're caught up in their own little virtual machines that you cannot add a VPN client to.

If you're faced with this situation, check out GFI LanGuard (currently in version 2014). LanGuard works like a charm over various VPN connections. I have found that when performing unauthenticated scans LanGuard typically doesn't find as many relevant vulnerabilities as other scanners but its authenticated scans of Windows and Linux systems are very good. I have some clients that use LanGuard for patch management with positive results as well. Definitely a worthy tool!


No comments:

Post a Comment