Shavlik Releases Tool Building on MBSA
- By Scott Bekker
- May 30, 2002
Microsoft's collaborator on the free Microsoft Baseline Security Analyzer (MBSA) released an enhanced version of the tool of its own.
Shavlik Technologies this week released EnterpriseInspector 2.0 for vulnerability assessment of Microsoft environments.
The software helps administrators ensure that systems are up to date on appropriate security configurations and patches. Software covered by EnterpriseInspector 2.0 includes Windows NT 4, Windows 2000, Windows XP, Office, SQL Server, IIS and Internet Explorer.
Upgrading from the free MBSA tool to the pay Shavlik tool brings users added functionality that includes enterprise reporting options and centralized management and storage of security audits.
Shavlik CEO Mark Shavlik defines the difference between the free and paid tools. "MBSA is a nice free tool that's a desktop application that doesn't include any back-end database. We've taken that same code and added a back-end database to it," Shavlik says.
Putting SQL Server on the back-end means MBSA scans across the network can be deposited and analyzed from a central repository. Canned enterprise-wide reports are provided, including executive summaries and trend reports showing what happened between scheduled scans.
The new tool also adds the capability for auditing security practices of computers without assigned administrators, and it does that without pre-installing remote agent software.
Shavlik is pricing the tool aggressively to spur interest among large enterprises. "We wanted to price it so for the price of a low-end server, you could have all your machines managed by this product," Shavlik says.
The base price is about $3,125 for 1-50 managed computers, but current users of MBSA or HFNetChk, which Shavlik also developed with Microsoft, get a 20 percent discount. Current users of Shavlik's HFNetChk Pro are eligible for a 50 percent discount on EnterpriseInspector 2.0.
Scott Bekker is editor in chief of Redmond Channel Partner magazine.