I would strongly suggest, based on experience with Nessus, of starting your scanning process by sticking with just network equipment, a few devices at a time, and ensuring no reboots/hangs other issues occurred. As ron said, you'll find more missing patches/firmware updates than you realized. Get all your network devices happy with the scanning process by ensuring they experience no outages/reboots. That will ensure that the rest of your scan results are reliable as well. (part of that selection process is ensuring that if you're scanning multiple network devices at once, that an outage/reboot of one, won't affect the scan results of another -- easily resolved by limiting things to 1 host at a time if feasible, until you know how your network devices will respond)
The next step is working with the network team to ensure you scan devices right after they do any firmware or config changes, to ensure you keep things running smoothly. This process has worked well for me in my past experience with nessus. Of course, if you have a test environment, starting your scanning there is best. However, it's my experience that sometimes what's in test, and what's in production, arent' the same, between versions, firmware, patch level, etc.... "Mike Adams" <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 09/26/2007 07:31 AM To cc Subject Nessus and networking equipment Hello, I recently just switched from using ISS in windows to Nessus in RHEL. I did a test scan of my network and it caused some major issues with connectivity. Is there anything I should know about in Nessus when it comes to networking equipment? Thanx! Mike_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
<<image/gif>>
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
