McAfee punts proactive virus protection

ThreatScan

By John Leyden • Get more from this author

Posted in Anti-Virus, 2nd April 2002 14:50 GMT

McAfee, the AV division of Network Associates, has released a virus vulnerability assessment tool designed to help firms spot weaknesses in anti-virus defences.

McAfee's ThreatScan software works in conjunction with McAfee's anti-virus management console, ePolicy Orchestrator, to scour the enterprise network for devices which may be vulnerable to virus infection.

Many companies offer vulnerability assessment, either as software or a managed service, and McAfee seeks to differentiate its product by emphasising its abilities at picking up avenues for viral infection.

Network Associates has its own stand-alone vulnerability assessment tool, called CyberCop, which David Emm, a marketing manager at McAfee, said provided a wider - but less focused - audit of security flaws than ThreatScan.

ThreatScan is tailored to known virus-related vulnerabilities and designed to provide proactive assessment of exposure to risks from worms like Nimda, he added. The idea is that, with centralised management through ePolicy Orchestrator, users will find it far easier to find and plug such gaps with ThreatScan than with other tools.

Administrators can use ThreatScan to audit devices within a given IP range, identify operating systems throughout the network and the service pack level of each operating system and application. The technology also searches for known viral vulnerabilities such as "listening" ports, open shares and well-known applications in use throughout the network, such as Microsoft IIS, ftp and telnet. It also look for PCs without, for example, patches to correct vulnerabilities to Outlook that are known to act as a vector for virus infestation.

After auditing the network, ThreatScan (which is positioned to work alongside McAfee's VirusScan AV software) provides recommendations to address vulnerabilities found and other reports. ®