Pin Me

eEye Retina Network Security Scanner Review

written by: •edited by: Michele McDonough•updated: 4/27/2010
4

eEye Retina Network Security Scanner is a network vulnerability and compliance scanner developed by eEye Digital Security. With the ability to scan your network for security vulnerabilities and report on compliance with PCI Retina NSS sounds like a useful program, but is it? Read on to find out!

  • slide 1 of 3

    Overview and Features

    eEye Retina Network Security Scanner (NSS) allows you to scan your network for security vulnerabilities. Retina also has a comprehensive and easy to use reporting and remediation feature helping you ensure your network is secured properly. Below is a list of Retina’s features.

    • Discover – automated network discovery of hosts
    • Audit – create, schedule and run custom vulnerability assessments
    • Remediate – Retina helps you fix some vulnerabilities while giving you the information you need to remediate others
    • Report – several in depth and customizable reports
  • slide 2 of 3

    Installation and Usage

    Installing Retina is pretty straightforward. The application comes in a single executable with wizard-driven installer. After a few basic questions, Retina was installed and I was ready to use it. When first opened, Retina NSS took a few minutes to loads its large vulnerability database. Subsequent loads of Retina were much quicker.

    Typically, a user starts with host discovery. Retina includes a nice, easy to use host discovery tool. Input a range of IP addresses and Retina will scan your network for hosts (Figure 1). The nice thing is that you can have Retina perform subsequent discovery scans on a scheduled basis.

    After discovering hosts, you can move on to the Audit tab in the Retina interface. The Audit tab lets you set up scans for individual or groups of computers. You can also specify which ports to scan and which Audits to perform. Like the host discovery, you can also set up scheduled scans. Once you begin the scan, the results are updated in real-time on the same screen. It’s a nice layout for those that want immediate feedback – not only do you see that the scan is running, you see the results of the audit as well (Figure 2).

    After the scan completes, users move on to the Remediate tab. This allows you to easily generate a report stating a recommended remediation plan based on the priority of the vulnerabilities found along with the number of hosts affected (Figure 3). Although I wasn’t able to test this feature, Retina also gives you instructions on how to fix specific vulnerabilities and in some cases can remotely correct security issues such as registry settings and file permissions using Retina’s “Fix-It” function.

    The last tab in Retina is for reporting. I liked that Retina gives you several options and filters for creating custom reports. You can create high-level executive summaries (Figure 4), Summary reports, reports of vulnerabilities found and PCI reports. I was surprised to find that you can’t schedule reports like you can with host discovery and auditing. It would have been nice to have a report automatically sent to a user after an audit scan completes, but this is a minor quibble.

    Figure 1 - eEye Retina NSS Audit Figure 2 - eEye Retina NSS Discovery Figure 3 - eEye Retina NSS Remediation Figure 4 - eEye Retina NSS Executive Report 

  • slide 3 of 3

    Pricing and Overall Score

    Rating Average

    Retina NSS is licensed by the number of nodes you plan to scan. Pricing for the standalone Retina Network Security Scanner is quite affordable at $575 for 32 IP addresses, up to $1650 for 256 IP addresses.

    For the price and wealth of features, I think Retina is a must have product for any business serious about their network security. Between the comprehensive scans, automated scheduling and detailed prescriptive reports, I give Retina 5 out of 5.