Security Vulnerability > Guidelines For Selection
Number of Vulnerabilities - How many new vulnerabilities can it scan?
Vulnerabilities Database - Is the vulnerability database precise?
Vulnerability Scan Result Report - Is the scan result persistent and various?
Ease of Use - Can an inexperienced user use this?
Supports English (GUI, Result Report, Manual Etc.) - Does it support English?
Supports Various OS - Commercial Unix OS, Linux, Windows NT/2000, etc.
New Vulnerability Scan Module Online/Offline Update - Does new vulnerabilities get applied instantly?
Reliable User Organizations - Has many reliable user organizations?
System Scanner, Network Scanner, Internet Scanner
System/Host/Network/Internet Scanner
Vulnerability Assessment Tool
System/Host/Network Security Vulnerability Analysis Tool
System/Host/Network Security/Prevention
Generally scans for system password vulnerabilities, internal vulnerabilities, environmental vulnerabilities, file permission errors, etc. and since the network scanner scans most vulnerabilities on the target server, the vulnerability information is relatively precise.
Provides a comprehensive scan function for network resources on the network to scan for vulnerabilities.
This may lead to imprecise results compared with the system scanner. But, is easier to manage for an agent is not necessary for each target server.
  System Scanner Network Scanner
Major Scan Category *User Account/Password Vulnerability Scan
*Administrator Environment Vulnerability Scan
*User Environment Vulnerability Scan
*Network Service Vulnerability Scan
*Network Structure & Service Environment Scan
*System Structure Error Scan
*Backdoor, Rootkit Vulnerability Scan
*Detects Operating System
*Detects Open Ports
*Distinguishes Services for Unknown Ports
*Obtains System Information via the Network
*Obtains Service Information via the Network
*Attacks Known Vulnerabilities via the Network
*Scans Known Vulnerabilities via the Network
Pros *Scan Results are Precise
*System Internal Vulnerabilities can be Scanned
*Installation of Agent on the Target Server is Unnecessary
Cons *Installation of Agents on Each Target Server *Scan Results can be Imprecise
*Limit to Scanning System Internal Vulnerabilities
User *Usually the Server Administrator
*Usually the Network Administrator
*For Small Number of Servers or Relatively Important Servers *For Large Networks with Many Servers
Product Name
*Secuguard SSE (System Security Explorer)
*Secuguard SSE-ws (Web-based)
*Secuguard NSE (Network Security Explorer)