Matthew Prouse

Nexpose Agent Review

Discussion created by Matthew Prouse on Oct 5, 2016
Latest reply on Jul 12, 2017 by Ken Mizota

So I recently installed the agent on a system and gave it a go.

I know it is Beta...but I wanted to address the items I saw in case they aren't being addressed...Please add your own experience or feedback to help me and others get better acquainted...

 

1) I like the idea this is for mobile systems like laptops that can check in from outside...

What I need is a way to use this agent on systems internally that are "off limits" to scanning for one reason or another and ensured the data is not traversing the "cloud" but proxying directly to the on prem console. I can already see this will not get approved by my Risk team without a full blown evaluation of how the data traverses.

 

2) The data is already disparate...my internal credential scan and the external agent data is not even close to matching. From vulnerabilities, software installed, users, groups, etc. This will cause all kinds of confusion around remediation and compliance if we applied this to other systems.

 

3) I have multiple security consoles in my environment...I see it matters which Nexpose Now dashboard I pull the install package from to build its relationship with that agents cert. No big deal I just thought this would be configurable to point an agent at a particular Console/Nexpose Now dashboard.

 

4) Also just looking at my basic system build the agent is the 4th largest consumer of memory. As we add other applications and move this to production I will look to see if that impacts our final builds.

 

I am sure I will have more but for now this is my initial feedback.

Outcomes