Vulnerability scanning with PureCloud
nCircle PureCloud is a cloud-based network security scanning product built upon the companies’ vulnerability and risk management system IP360. The company was recently acquired by Tripwire, but no changes to the functionality or branding of the service have been made yet.
To use all of the functionalities of PureCloud, you will need one of Windows XP, Server 2003, Vista or 7. A November 2012 posting by a senior staff contributor to the PureCloud User Community forum mentioned that the company was “not actively developing (Windows 8) client support for PureCloud”. You’ll also need Flash for PureCloud’s user interface.
Besides its scanning technology, one of the key selling points of PureCloud is its usability. While it could use a “face lift” to align it with current web application look-and-feel standards, users will need just a minute or two to get used to the interface and start the scanning procedures.
The product offers two different types of scans: perimeter scan and a scan with a local connector. With the former you can scan by specifying devices, network ranges or fully qualified domain names. After setting up the targets, you can start the service immediately or schedule it as a one time or a recurring scan for the future. PureCloud also provides a PCI scan service.
The latter type of scan (and the one I prefer) is a local one. By installing a small PureCloud Secure Connector application on your client computer you are practically placing a virtual appliance within your network. An encrypted tunnel between your network and nCircle’s cloud service enforces strong security. With the local connector you can scan all the IP addresses in your local network and identify security issues.
The scanning times I’ve seen were rather good, but of course depend on the complexity of the system / network in your scan profiles. The administrator of the account gets an email alert as soon as the scan is completed. The reporting options are basic, but provide the important details with both the executive overview, as well as detailed vulnerabilities list. The system stores all your previous scans, so you can compare the results internally as well as with those of other organizations by using nCircle’s Benchmark.
One of the recent additions to the platform, provided to PureCloud subscribers at no additional charge, is SmartScan. This is an automatic service that can be enabled on selected scan profiles and it provides automated checks for Microsoft Patch Tuesday vulnerabilities, as well as checks for critical new threats as they are discovered by nCircle’s Vulnerability Exposure Research Team.
PureCloud is a great example of how a cloud-based service can provide simple and effective security services to small and medium businesses.