Network Security Inspector

Frequently Asked Questions

The most obvious upgrade is the new UI, which is even easier to use and more intuitive for the User. Behind the scenes, SNSI has gone to a new dbase structure using SQL Express, which adds speed and performance, but more importantly it has a new sanning engine. The engine gives a tremendous boost in performance and capabilities, reducing scan times by a factor of 10+ in some cases, and allowing you to scan Vista machines (and preparing the way for Windows 7).

Why bother with SNSI when I can get MS scanners for free?

The Microsoft Scanners will scan for patches and some vulnerabilities. But what about an old copy of RealPlayer on a person's machine, which is a security risk? Or a best-practices type of security risk like the length of the password? SNSI scans for a multitude of third party vulnerabilities, multi platform.

Can I get a full 30-day eval?

Yes, you can get a key for 30-days unlimited testing.  Send a request to us asking for your SNSI UNLOCK Key.

What certifications does SNSI have, and does SNSI speak "CVE"?

The database used in SNSI, has received Common Criteria (CC) certification effective April 9, 2003. CC is a rigorous international standard for IT security evaluation and certification that is formally recognized and required in a growing international community. Since July 2002, this CC certification is a critical requirement for US government purchases as well as a growing number of other countries such as Australia, New Zealand, Canada, France, Germany, United Kingdom, Israel, Italy, Netherlands, and more. And SNSI does speak CVE as well.

Can I update the vulnerability database while I run the 30-day eval, and can SNSI be updated without reinstalling? Will I lose my current scan data?

SNSI Customers/Evaluators can ONLY update the vulnerability database if they have a full key. The 30-day Eval key unlocks SNSI to multiple machine mode (but no updates). The evaluation version of SNSI does not get updates. If you download and install the newest version/update and put in the evaluation key you will lose your current scans. If you purchase a license for SNSI, once you have entered the full key, you can use the "Update Now" button and it will update your current version and keep the scans you have.

Does SNSI survey/check applications?

Yes. SNSI checks for vulnerabilities associated with Microsoft Server Applications, and applications such as MS Word, MS Excel, Internet Information Server (IIS), ColdFusion, MS SQL Server, web browsers and many more third party applications.

Do I really need a dedicated machine for SNSI?

The issue is that other software can interfere with the scan (AV, firewalls, other apps that require Crystal Runtime files, etc.), so the safe way is to use a dedicated machine for the scan engine. However, with a correct configuration you might be able to run it off your admin workstation.

Does SNSI detect patches and which platforms does SNSI Support?

SNSI checks for known Windows related patches, including all the latest Service Packs and post-Service Pack patches, and patches for other third-party apps. It also checks for hot fixes associated with Windows Servers, and looks for roll-up patches. SNSI supports all major platforms. 

Does SNSI work over the Internet? And can it also work not connected to anything?

SNSI works with TCP/IP, which works over the Internet. It recognizes machine names and NT domain names, as well as IP addresses. SNSI can analyze a machine over the Internet if the domain is recognized and you have Administrative privileges. SNSI will scan multiple domains using multiple credentials. In general, if you can see a machine through Network Neighborhood, you can assess that machine with SNSI.

SNSI will run on a machine that does not have Internet connectivity (a black box). When you click on 'updates' it will show you a URL that you can go to and download the update from another machine and then get it to your black box machine via a CD, e-mail, etc.

Does SNSI find viruses, worms, and Trojan Horses?

Yes. SNSI finds known virus files, worms, and Trojan Horses such as Code Red, and many others. There are dozens of denial of service programs (nuke and winnuke) that SNSI also detects. SNSI can determine if you are vulnerable to Microsoft Word macro viruses as well.