Nexpose is a unified
vulnerability detection and management solution that scans networks to identify
the devices running on them and to probe these devices for vulnerabilities. It
analyzes the scan data and processes it for reports. You can use these reports
to help you assess your network security at various levels of detail and re-mediate any vulnerabilities quickly.
The vulnerability checks identify
security weaknesses in all layers of a network computing environment, including
operating systems, databases, applications, and files. The application can
detect malicious programs and worms, identify areas in your infrastructure that
may be at risk for an attack, and verify patch updates and security compliance
measures.
Components of
the Virtual Appliance
The Nexpose application consists
of two main components:
• Scan Engines perform
asset discovery and vulnerability detection operations.
You can deploy them outside your
firewall, within your secure network perimeter, or inside your DMZ to scan any
network asset.
• The Security Console communicates
with Scan Engines to start scans and retrieve scan information. All exchanges
between it and Scan Engines occur through encrypted SSL sessions over a
dedicated TCP port that you can select.
For better security and
performance, Scan Engines do not communicate with each other; they only
communicate with the Security Console.
When an asset is scanned for the
first time, the Security Console creates a repository of information about that
asset in its database. With each ensuing scan of the asset, the console updates
the information in the repository.
The Security Console includes a
Web-based interface for configuring and using the application. An authorized
user can log on to this interface securely using HTTPS to perform any task that
his or her role permits.
When you deploy the Virtual
Appliance, you will operate a Security Console with a local Scan
Engine.
Troubleshooting:
If for some reason your Nexpose
installation malfunctions, you may want to try running the service manually by
invoking the nsc.sh file, e.g.:
$
/opt/rapid7/nexpose/nsc/nsc.sh
When in the nsc directory, you
may need to invoke: sudo ./nsc.sh
Before running, make sure all
existing Nexpose processes are shut-down (you can verify this
with top or ps aux).
- Tags
-
