eEye Digital Security Retina Review – A Network Vulnerability Scanner
Overview and Features
eEye Retina Network Security Scanner (NSS) allows you to scan your network for security vulnerabilities. Retina also has a comprehensive and easy to use reporting and remediation feature helping you ensure your network is secured properly. Below is a list of Retina’s features.
- Discover – automated network discovery of hosts
- Audit – create, schedule and run custom vulnerability assessments
- Remediate – Retina helps you fix some vulnerabilities while giving you the information you need to remediate others
- Report – several in depth and customizable reports
Installation and Usage
Installing Retina is pretty straightforward. The application comes in a single executable with wizard-driven installer. After a few basic questions, Retina was installed and I was ready to use it. When first opened, Retina NSS took a few minutes to loads its large vulnerability database. Subsequent loads of Retina were much quicker.
Typically, a user starts with host discovery. Retina includes a nice, easy to use host discovery tool. Input a range of IP addresses and Retina will scan your network for hosts (Figure 1). The nice thing is that you can have Retina perform subsequent discovery scans on a scheduled basis.
After discovering hosts, you can move on to the Audit tab in the Retina interface. The Audit tab lets you set up scans for individual or groups of computers. You can also specify which ports to scan and which Audits to perform. Like the host discovery, you can also set up scheduled scans. Once you begin the scan, the results are updated in real-time on the same screen. It’s a nice layout for those that want immediate feedback – not only do you see that the scan is running, you see the results of the audit as well (Figure 2).
After the scan completes, users move on to the Remediate tab. This allows you to easily generate a report stating a recommended remediation plan based on the priority of the vulnerabilities found along with the number of hosts affected (Figure 3). Although I wasn’t able to test this feature, Retina also gives you instructions on how to fix specific vulnerabilities and in some cases can remotely correct security issues such as registry settings and file permissions using Retina’s “Fix-It” function.
The last tab in Retina is for reporting. I liked that Retina gives you several options and filters for creating custom reports. You can create high-level executive summaries (Figure 4), Summary reports, reports of vulnerabilities found and PCI reports. I was surprised to find that you can’t schedule reports like you can with host discovery and auditing. It would have been nice to have a report automatically sent to a user after an audit scan completes, but this is a minor quibble.
Pricing and Overall Score (5 out of 5)
Retina NSS is licensed by the number of nodes you plan to scan. Pricing for the standalone Retina Network Security Scanner is quite affordable at $575 for 32 IP addresses, up to $1650 for 256 IP addresses.
For the price and wealth of features, I think Retina is a must have product for any business serious about their network security. Between the comprehensive scans, automated scheduling and detailed prescriptive reports, I give Retina 5 out of 5.