What exactly are you looking to scan? The i runs web, telnet, FTP, ODBC,
Netserver, and other standard protocols so normal vulnerability assessment
tools can scan those just fine. If you're looking to do credentialed scans
where the tool is logging in via telnet, then you'd need something that's
iAware.

Here's the report, probably, where the auditor got their info:
http://www.gartner.com/technology/media-products/reprints/qualys/article1/article1.html
There are four "Strong Positive" vendors so you might want to compare them
against each other to see which is the best for for your org. Note the
report is almost a year old so the situation may have changed. The InfoSec
industry evolves rapidly.

(Full disclosure: My employer uses - and I administer - McAfee
Vulnerability Manager.)

On Mon, Apr 9, 2012 at 1:26 PM, Phil McCullough <Phil.McCullough@xxxxxxxx>wrote:

We're looking at purchasing the QUALLYS system for internal vulnerability
scanning (PCI ya-know).
They don't appear to be able to scan IBM-I's , but we noted that NESSUS
just announced an IBM-I plug-in for this ($1,500/year).
Our auditor told us that QUALYS was the industry leader, but scanning the
IBM-I seems like something good practices would dictate.
Anyone with experience with this. Any suggestions?

Phil
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.





This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].