QualysGuard Web-Service Gives Administrators an Immediate Solution to Protect Against SNMP Vulnerabilities
Redwood City, CA — February 14, 2002 — Qualys, Inc., the leader in the emerging category of Managed Vulnerability Assessment, today announced it is offering free network scan to companies concerned by the SNMP vulnerability advisory issued by CERT® this week, Advisory CA-2002-03. The free scan can be accessed at: https://www.qualys.com/forms/trial_snmp.html
SNMP (Simple Network Management Protocol) is a widely deployed protocol that is commonly used to monitor and manage network devices. Numerous vulnerabilities have been detected in multiple vendors’ SNMP implementations. These vulnerabilities may cause denial of service conditions, service interruptions, and may allow an attacker to gain access to the affected device.
The QualysGuard scan automatically detects if a system is SNMP-enabled and queries the SNMP information base to retrieve and display the SNMP information tree in the resulting report. The reports produced give IT managers a clear and concise look at their network vulnerabilities while providing recommendations on how to implement filters or how to disable SNMP completely.
“SNMP vulnerabilities belong within the information gathering category of threats which allows unauthorized users to access information of interconnected systems,” said Gerhard Eschelbeck, VP of Engineering at Qualys. “ QualysGuard currently detects the presence of 35 SNMP weaknesses on different devices and platforms. Qualys continues to update the web-service with new SNMP signatures as they are discovered with remedies from vendors to fix the problems.”
“SNMP vulnerabilities have been know to exist for a period of time and security communities and advisories recommend to disable SNMP on Internet connected devices as part of best security practices,” added Eschelbeck.
Designed to work on any size network and delivered over the Internet, QualysGuard uses advanced vulnerability detection techniques to assess a network’s security exposures and suggest remedies before intruders can take advantage of them. Via a simple Web-based interface, users can initiate a QualysGuard audit “on demand” by selecting networks or hosts to be audited, and choosing which known vulnerabilities to scan. Upon completion of the security audit, network administrators receive a report detailing vulnerabilities identified, severity level of each, and potential consequences with suggested remedies to fix each vulnerability.
To access the free scan, please visit visit https://www.qualys.com/forms/trial_snmp.html
Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.
Contact: Megan Lamb