Re: Experiences with company nCircle and their IP360 product

From: David M. Zendzian (dmz@dmzs.com)
Date: Mon Nov 28 2005 - 13:48:56 EST


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

One other thing I've seen with nCircle (& a few other scanners), if you
run internally & have any legacy HP jetdirect printers located on your
network, you may want to check with nCircle to see if their scans still
lock up those printers.

Nothing like running a scan and having it lock up all your execs
printers or the accounting depts printers because the local IT admin
hasn't upgraded them in the last 5 years (we all upgrade our HP
jetdirect printers right?? :)

Any nCircle people paying attention to this thread?? Y'all have any
other thoughts y'all would like to contribute?

dmz

PS IMOHO, after playing with several of the products on the market,
unless you have months of time to build the solution you really want, I
am very happy with the speed and acuracy of the results provided by the
IP360. nCircle is a solid company that I have watched grow from a simple
app developed here in Berkeley to an enterprise solution that provides a
great place for companies to look for analyzing the systems on their
network.

One other thing worth looking into is which of these products are
providing APIs or other interfaces into change control or groupware
products to be able to track and recheck systems found to have exposed
vulnerabilities. nCircle is definately heading in a good direction with
their API and interfaces into other applications.
Glenn D Fournier wrote:

>I was part of a team that evaluated a number of vulnerability management
>products for use within a major government agency. The products evaluated
>were nCircle IP360, Foundstone, and Tenable's Lightning Console. From the
>initial discussions with vendors, nCircle seemed to be very promising, until
>we visited another agency that used the product. Bandwidth consumption was
>very high, throttling of the tool could alleviate this problem, but
>depending on the size of the network, this would translate into an excessive
>amount of time to conduct scanning. Also, nCircle was basically an "always
>on" product. Scans could not be paused or suspended, short of isolating the
>scanner from the network.
>
>In the long run, our team decided on Foundstone, which has been
>disappointing since we have implemented it. My personal choice was Tenable,
>and I would still prefer it over nCircle or Foundstone.
>
>-----Original Message-----
>From: Bongers, Coen [mailto:coen.bongers@logicacmg.com]
>Sent: Wednesday, November 23, 2005 8:25 AM
>To: pen-test@securityfocus.com
>Subject: Experiences with company nCircle and their IP360 product
>
>
>
>
><Message to moderator: I cross-posted this message, because it might be
>an interessting issue for both lists>
>
>Hello people,
>
>As a lurking list-user I have allready seen a lot of good information on
>these mailing lists. But now I would like to fire-off a question myself;
>
>Does any of the listmembers have any experience with the security
>company nCircle and their products? Their product IP360 in particular
>has my interest.
>
>The SanFrancisco and Londen based company has some interesting products
>for vulnerabillity management and Intrusion Detection. I've met with
>representatives of nCircle at some security-fairs in the past and they
>strike me as very professional and capable people. Also their products
>seem qualitative to me.
>
>Last weeks I've followed a discussion on best pen-test tools on these
>mailing lists, but I cannnot remember seeing anything about nCircle's
>products.
>
>So, any input on experience with their products and with the company
>(European office) would be appriciated.
>
>Possible subjects (amongst others) for response could be;
>
> -Easo of implementation
> -Ease-of-use
> -Support quality and speed
> -Missing features / unique features
> -Ease of integreation with other systems
> -Portabillity to other networks
> -etc
>
>Met vriendelijke groet / with kind regards,
>
>
>
>Coen Bongers
>
>Security Consultant
>
>________________________________________
>
>LogicaCMG
>
>* Coen.Bongers@logicacmg.com <mailto:Coen.Bongers@logicacmg.com>
>
>Website: http://www.logicacmg.com <http://www.logicacmg.com/>
>
>________________________________________________________________________
>________________________________________________________________________
>____________________________________________________
>
>The information contained in this email and its attachments (if any) is
>confidential and may be legally privileged. It is intended solely for
>the use of the individual or entity to whom it is addressed and others
>authorised to receive it. If you are not the intended recipient you are
>hereby notified that any disclosure, copying, distribution or action in
>reliance of the contents of this information is strictly prohibited and
>may be unlawful. LogicaCMG is neither liable for the proper and complete
>transmission of the information contained in this email nor for any
>delay in its receipt. If received in error, please contact LogicaCMG on
>+31 (0)40 295 77 77 quoting the name of the sender and the addressee and
>then delete it from your system. LogicaCMG does not accept any
>responsibility for viruses and it is your responsibility to scan the
>email and attachments.
>
>________________________________________________________________________
>________________________________________________________________________
>____________________________________________________
>
>
>
>
>
>
>
>This e-mail and any attachment is for authorised use by the intended
>recipient(s) only. It may contain proprietary material, confidential
>information and/or be subject to legal privilege. It should not be copied,
>disclosed to, retained or used by, any other party. If you are not an
>intended recipient then please promptly delete this e-mail and any
>attachment and all copies and inform the sender. Thank you.
>
>----------------------------------------------------------------------------
>--
>Audit your website security with Acunetix Web Vulnerability Scanner:
>
>Hackers are concentrating their efforts on attacking applications on your
>website. Up to 75% of cyber attacks are launched on shopping carts, forms,
>login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
>futile against web application hacking. Check your website for
>vulnerabilities
>to SQL injection, Cross site scripting and other web attacks before hackers
>do!
>Download Trial at:
>
>http://www.securityfocus.com/sponsor/pen-test_050831
>----------------------------------------------------------------------------
>---
>
>
>------------------------------------------------------------------------------
>Audit your website security with Acunetix Web Vulnerability Scanner:
>
>Hackers are concentrating their efforts on attacking applications on your
>website. Up to 75% of cyber attacks are launched on shopping carts, forms,
>login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
>futile against web application hacking. Check your website for vulnerabilities
>to SQL injection, Cross site scripting and other web attacks before hackers do!
>Download Trial at:
>
>http://www.securityfocus.com/sponsor/pen-test_050831
>-------------------------------------------------------------------------------
>
>
>
>
>
>
>
>

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.2 (Build 2424)

iQA/AwUBQ4tRHpcwFRNrWbm9EQKl4QCgpGQJe8V+UgK4+odsm2p1tXvUFHwAoJz+
eV5ELsn+wvhnTI2vuy/NmP0+
=Rwks
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:12 EDT