Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

VA Scanners Pinpoint Your Weak Spots: Page 4 of 16

Our analysis of the top seven finishers follows. You'll find details about the other four products here. In addition, our extensive table of vulnerabilities sought and detected can be found here.


FoundScan was one of the most polished products we tested. Its management interface is clean, understandable and relatively stable, though we did lock up several times during invasive scans. We especially liked being able to restrict user access, allowing multiple levels of administrative control. This feature fits well with a product that also offers a ticketing system for remediation of identified vulnerabilities.

Although Foundstone didn't offer much in the way of data export, its HTML reports were clean, relatively easy to understand and could be sorted in a variety of ways, letting administrators efficiently view reports. Furthermore, because the scanner writes directly to a Microsoft SQL Server, organizations can build their own reports by directly accessing the system's databases.


What this product lacks in reporting it makes up for with its remediation ticketing system, which lets enterprises share the "vulnerability joy" among network and security administrators. The only other product we saw with this type of system was eEye's Retina. Unfortunately, these ticket systems don't integrate with other helpdesk/trouble-ticket software.

Foundstone allows a great deal of flexibility for tuning performance. VA administrators can change the total number of concurrent threads, the overall scan acceleration, the packet interval and the total number of scan objects allowed. Although we found the defaults solid for the test group we were scanning, performance can be adjusted to scan a larger test group more efficiently.

Foundstone's vulnerability database exceeds 2,000 entries, but it detected only about 50 percent of our vulnerabilities. Unfortunately, the 50 percent mark wasn't all that shabby compared with its rivals: No product came close to detecting all the vulnerabilities.