eEye Retina Network Security Scanner Overview:

Reduce your exposure to attack. Mitigate network and business risk.

Retina Network Security Scanner, the industry and government standard for multi-platform vulnerability management, identifies known and zero day vulnerabilities plus provides security risk assessment, enabling security best practices, policy enforcement, and regulatory audits.

Network vulnerabilities are an increasingly common issue in today’s highly complex computing environments. With exploit attacks appearing faster than ever before, it has become significantly more challenging for organizations to protect against attack. A notable case in point is the Sasser worm. Sasser was based on exploit code released two days earlier and only 18 days after the initial vulnerability was announced.

With such a dynamic threat environment to contend with, IT professionals need a proactive security management strategy that goes beyond routine patch deployment. To meet the challenge, and reduce overall network security TCO in the process, organizations are adopting integrated security and threat management solutions from eEye Digital Security.

Security Management Appliance:

The Retina Security Management Appliance integrates REM and Retina on a single appliance, providing multi-platform network discovery plus vulnerability & risk assessment, enabling centralized security best practices, policy compliance, and regulatory audits.

• Network Security Scanner Appliance - Integrated security management appliance enables prioritized policy management, patch management, and vulnerability management.
• Network Vulnerability Assessment - Security appliance identifies network vulnerabilities, application vulnerabilities, plus zero day threats.
• Network Discovery and Patch Assessment - Network appliance discovers all devices, operating systems, applications, patch levels, plus policy configurations.
• All-In-One Enterprise Security Management - Everything you need - pre-installed, pre-configured, pre-tuned - for centralized vulnerability & patch management plus security incident management.

Wasting time and money panic-patching?

Retina helps free up precious resources for other key projects by providing threat management and patch management focus. Retina identifies and prioritizes well-known and newly discovered vulnerabilities residing on connected network devices - regardless of platform. Incorporating the most comprehensive and up-to-date vulnerability technology and database while eliminating the need for administrative credentials, Retina delivers the most accurate and timely scans available - scanning an entire class C network in approximately 15 minutes.

Struggling to get an accurate view of your network - again?

Retina helps you get a handle on your entire network environment - finding devices connected outside of your formal deployment processes. Regardless of platform, Retina identifies known and rogue systems - desktops, servers, routers, and switches - then digs deeper to identify and prioritize the remediation steps for well-known and newly discovered vulnerabilities, missing operating system & application patches, and other policy-oriented exceptions residing on the network. Using the latest asset discovery standards, Retina delivers the most accurate scan results available.

Multiple security policies across multiple devices?

Retina assesses all network devices - regardless of platform, operating system, and application - to identify missing patches, mis-configurations, and other vulnerabilities. Incorporating the most comprehensive and up-to-date vulnerability technology, policy and patch checking database, and customizable scan options, Retina delivers the most complete network security scans available for your specific environment and business need.

Looking for IT Security process efficiencies?

Retina prioritizes remediation in support of business and operational efficiency, freeing up precious resources for other key projects. Retina identifies and prioritizes exceptions to corporate and regulatory policy, providing visibility and remediation guidance for missing patches, weak configurations, system vulnerabilities, and other security threats. Complete your security audits with documented actions and processes through Retina's integration with popular helpdesk systems.

Unsurpassed Vulnerability Management

Retina Network Security Scanner is a professional-grade security solution with a lengthy track record of success and industry leadership. Retina contains all the integrated security and threat management tools needed to effectively identify and remediate the network vulnerabilities that lead to exposure and malicious attacks. Retina secures networks by:

Accurately discovering all the assets in the network infrastructure including operating system platforms, networked devices, databases and third party or custom applications. Retina also discovers wireless devices and their configurations, ensuring these connections can be audited for the appropriate security settings. Additionally, Retina scans active prots and confirms the services associated with those ports.

Implementing corporate policy drive scans to audit internal security guidelines and ensure that configuration requirements are enforced and comply with defined standards. These custom scans can also assist with meeting any regulatory compliance requirements (SOX, HIPAA, GLB, PCI, etc) customers may face.

Remotely identifying system level vulnerabilities to mimic an attacker's point of view, providing information that an outsider would see about your network. These remote checks do not require administrator rights, providing an accurate assessment, with fewer resources required to scan across departments, locations or geographies.

Incorporating the most comprehensive vulnerabilities database and scanning technology available allowing users to proactively secure their networks against attacks. Retina was developed and is constantly updated by the eEye Research Team, leveraging its expertise and superior vulnerability discovery methodology. Updates are automatically uploaded at the beginning of each Retina session.

Providing a workflow approach to vulnerability management. Retina's user interface allows for multiple views and reporting options with which to analyze assessment data. This gives users the opportunity to view assets criticality correlated with complete vulnerability data. This approach allows users to effectively prioritize remediation efforts.

Features and Benefits:

Features:

Network Security Scanner - Retina enables prioritized policy management, patch management, and vulnerability management.

Network Discovery and Policy Assessment - Retina discovers all devices, operating systems, applications, patch levels, plus policy configurations.

Fast and Accurate Scans - Accurately scan a Class C network of devices, operating systems and applications in ~15 minutes.

Network Vulnerability Assessment - Identify network security vulnerabilities, missing application updates, plus zero day threats.

Vulnerability Management - Enables prioritized policy management, patch management, and vulnerability assessment.

Policy Compliance - Identify and simplify your corporate and regulatory requirements (SOX, HIPAA, GLBA, PCI and others).

Additional Futures and Benefits:

Accurate Asset Discovery and Inventory - Retina discovers all the assets on a given network, including operating systems, applications, services, databases and wireless devices. Retina's advanced OS discovery utilizes ICMP, registry, NetBIOS, and the Nmap signature database, as well as eEye's proprietary OS fingerprinting for more accurate & definitive OS identification. Additionally, Retina has profiles for nearly 2,000 of the most commonly utilized ports, and allows for scanning of all 65,536 ports on a network device.

Custom Security Audits - Users can create custom audits for the enforcement of corporate security policies, including anti-virus deployments, application version control, file shearing, permissible ports and P2P, as well as enabling regulatory compliance requirements.

Remediation Assessment - Retina allows prioritized remediation through its intuitive user interface, categorizing vulnerabilities according to risk level. Integration with third party help desk and ticketing systems is a simple process. Additionally, Retina's Fix-it function can be used to remotely correct security issues such as registry settings, file permissions, etc.

Localized System Audits - Retina reconciles the input/output data on each port to determine which protocols and services are actually running, including SSL. In this way, Retina makes adjustments for custom or unconventional machine setup.

Smart Protocol Scanning - Retina reconciles the input/output data on each port to determine which protocols and services are actually running, including SSL. In this way, Retina makes adjustments for custom or unconventional machine setup.

Advanced Scheduling Capabilities - Retina's scheduler function allows you to set the scanner to run on a regular basis to periodically check for vulnerabilities. Because Retina is non-intrusive, you can pre-schedule your scans without the risk of unplanned network downtime.

Retina Deployment Scenarios

	Retina Enterprise Software	eEye Security Management Appliance 1505	Retina On Demand
Requires User Supplied Hardware
Requires User to Install Software and Obtain 3rd Party Licenses
Scales Over 3000 Assets
Active Directory Integration
Capital Expense Budget Available
Maintenance-Free Solution
Data is Stored at eEye
Entry Level Enterprise Ready Solution
Annual Subscription or Monthly Payment Terms

Enterprise Vulnerability Management

Designed for a range of small business, medium business (SMB), to large enterprises, Retina Network Security Scanner is available as both a network security software solution plus a vulnerability management appliance solution.

• Centralized Vulnerability Management - Integrated vulnerability assessment, policy enforcement, policy auditing; improving enterprise network security.
• Centralized Incident Management - Prioritized vulnerability management plus client security threats and attacks; reducing security risk plus network security response.
• Enterprise Security Reporting - With integrated vulnerability, attack and policy information provided by Retina and Blink, REM provides organizations with metrics and graphical representations of their enterprise security posture.
• Executive Dashboard - Customizable reports and charts; integrated asset management, client security, risk assessment, plus vulnerability assessment.

Specifications:

Prefer to manage your network assets and vulnerability assessments using software? Choose our Retina Network Security Scanner software solution. Retina Network Security Scanner software can scan multiple operating systems and applications and has the following minimum system requirements:

Awards:

Retina has received recognition from leading technical publications and product reviewers with exceptional ratings:

	SC Magazine Best Buy - Group Test: Vulnerability Assessment — There have been few changes on the vulnerability assessment landscape, but the field is maturing, converging and gaining depth rapidly. May 2009 Retina Network Security Scanner Strengths: Solid Feature Set with easy-to-use scanning controls Weaknesses: None that we found. Verdict: An excellent vulnerability scanner at a good price. This one gets our Best Buy.
	NSS Labs: PCI Suitability Program — Retina is able to support 16 of 16 direct PCI DSS Requirements in NSS Labs PCI Suitability Testing September 2008
	SC Magazine Awards — Retina Network Security Scanner nominated as Finalist for the "Best Security Solution" category of the SC Awards 2006. March 01, 2006
	AeA Best Software Infrastructure — eEye was presented with the AeA 2006 High Tech Innovation Award for Best Software Infrastructure. May 18, 2006
	WindowsIT Pro Readers' Choice Awards — Retina Network Security Scanner Selected as the "Best Security Scanner" in the WindowsIT Pro 2004 Readers' Choice Awards. September 16, 2004
	Information Security Excellence Awards — Retina Network Security Scanner recognized in the Information Security Magazine Excellence Awards for Vulnerability Assessment Security Monitoring. March 18, 2003
	NetworkWorld Best of the Tests — Retina Network Security Scanner software was selected as the Winner of the Network World 2005 Best of the Tests. November 11, 2002
	NetworkWorld's Blue Ribbon — Retina Network Security Scanner wins Network World's Blue Ribbon award for Network Risk Assessment Software. January 4, 2002

Retina Screenshots:

	Retina Discovery Retina discovers all the assets in a network infrastructure including operating system platforms, networked devices, databases and third party or custom applications.
	Retina Audit Users can leverage Retina's unsurpassed vulnerability database to accurately identify known vulnerabilities.
	Retina Remediation Retina allows for the prioritization of remediation efforts through its intuitive user interface, by categorizing vulnerabilities according to risk level.
	Retina Reporting Retina offers complete technical and executive reports, as well as customizable reports that can be tailored for specific content

Documentation:

Download the eEye Retina Network Security Scanner Datasheet (PDF).