SolarWinds Automates Network Vulnerability Detection and Security Policy Enforcement
Posted OnJune 11, 2015 by GB Shah
Latest Version of SolarWinds Network Configuration Manager Leverages the National Vulnerability Database in a Security Content Automation Protocol (SCAP) Compliant Manner to Identify Device Vulnerabilities and Provide Automated Remediation Actions
SolarWinds (NYSE: SWI), a leading provider of powerful and affordable IT performance management software, today announced enhancements to SolarWinds® Network Configuration Manager (NCM), its network device configuration and change management product for Cisco®, Juniper®, HP®, Dell®, and Brocade routers and switches and any other device with a command line interface. The latest version makes it easier to demonstrate security compliance by automatically performing vulnerability scanning on Cisco Adaptive Security Appliance (ASA)- and Internetwork Operating System (IOS®)-based devices using Common Vulnerabilities and Exposures (CVE) published by the National Vulnerability Database (NVD). Additionally, SolarWinds NCM now provides automated remediation options and National Institute of Standards and Technology (NIST®) Federal Information Security Management Act (FISMA) and Defense Information Systems Agency (DISA®) Security Technical Implementation Guide (STIG) compliance reports out-of-the-box.
"IT pros have traditionally focused on configuration details and assumed that means that network routers, switches and firewalls are secure. But with security becoming an ever growing concern for IT pros, it is important to ensure that network devices themselves, and the software that they run on, do not contain weaknesses and that any new vulnerabilities are remediated quickly," said Nikki Jennings, group vice president, products and markets, SolarWinds. "Security tools focused on the actual network devices are few and far between and often IT pros find themselves manually updating and patching device software, but SolarWinds NCM now automatically identifies vulnerabilities and assists in the remediation of issues providing IT pros with peace of mind."
Cisco Device Vulnerability Scanning
By automatically receiving updated security alerts from the NVD, SolarWinds NCM now helps identify risks to network reliability and security by detecting potential vulnerabilities in Cisco ASA- and IOS-based devices. Using integrated access to the CVE system published in SCAP format, a match between a vulnerability and a device will trigger an alert from SolarWinds NCM, which can be followed up with an interactive report that documents remediation steps.
Automatic Remediation Actions
If vulnerabilities are found, SolarWinds NCM will provide an alert, compile a report on violations by control and device, and now provide automatic remediation actions. By creating reusable remediation scripts that are set to run automatically whenever specific violations are detected, SolarWinds NCM provides reassurance that vulnerabilities are fixed, network devices are secure and compliance is being enforced.
Additional Out-of-the-box Compliance Reporting
SolarWinds NCM automatically analyzes router and switch configurations for compliance with NIST FISMA and DISA STIGs and now includes templates for reporting on these compliance standards. Additionally, SolarWinds NCM will continue to provide out-of-the-box templates for the Payment Card Industry Data Security Standards (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA) and other standards. All reports can be customized to meet the requirements specific IT environments or additional compliance regulations.
SolarWinds NCM recently won Best Risk/Policy Management Solution from SC Magazine® at their 2015 SC Awards U.S., marking the third win in this category.
For a live demonstration of the new SolarWinds NCM features stop by booth 1119 at Cisco Live!® June 7-11, 2015 in San Diego, Calif.
Pricing and Availability
SolarWinds Network Configuration Manager pricing starts at $2,845 USD* and includes the first year of maintenance. For more information, including a downloadable, free 30-day evaluation, visit the SolarWinds website or call 866.530.8100866.530.8100 FREE.
*Price as of May 19, 2015. Pricing may vary based upon the jurisdiction and applicable currency. Please contact a local SolarWinds sales representative to find pricing specific for your jurisdiction.
SolarWinds (NYSE: SWI) provides powerful and affordable IT management software to customers worldwide from Fortune 500® enterprises to small businesses. In all of our market areas, our approach is consistent. We focus exclusively on IT Pros and strive to eliminate the complexity that they have been forced to accept from traditional enterprise software vendors. SolarWinds delivers on this commitment with unexpected simplicity through products that are easy to find, buy, use and maintain while providing the power to address any IT management problem on any scale. Our solutions are rooted in our deep connection to our user base, which interacts in our thwack® online community to solve problems, share technology and best practices, and directly participate in our product development process. Learn more today at http://www.solarwinds.com/.
SolarWinds, SolarWinds & Design and thwack are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other company and product names mentioned are used only for identification purposes and may be or are intellectual property of their respective companies.