Quick Look: VAM Lite
Summary
*NOTE SecAnalysis opinions have changed since the release of this article regarding the Nessus interface*
First of all, this report will be a little less instructional, since StillSecure does such a good job with their user guide; there is really no point in me producing one here. The guide can be seen here. Regardless, a while ago I had the pleasure of an on-site meeting with the folks at StillSecure. StillSecure is a strong, well-known security vendor that provides vulnerability management, NAC, and IPS/IDS products. StillSecure also provides Managed Security Services to customers looking to outsource their security capabilities. A while ago I noticed that StillSecure offers a freeware version of their VAM product labeled VAM Lite. VAM Lite is a relatively simple but powerful vulnerability scanner that leverages a web-based user interface. VAM Lite differs from the commercial VAM product in the following ways (according to the StillSecure website):
- Vulnerability scanning is limited to 100 IP addresses
- StillSecure’s Security POV reporting module is disabled
- VAM Lite cannot be run in a distributed scanning environment
I decided I’d give VAM Lite a shot in the lab to determine whether it could be a mainstay. I was actually pleasantly surprised to see the ease and power of the product. Granted, much of the scanning technology is similar if not the exact same as Nessus; however, one of the biggest problems with the freeware version of Nessus is the fact that the interface is hideous (particularly for Windows) and adds little additional functionality. Thus, VAM Lite addresses a primary issue with an excellent solution (the interface). VAM Lite is a simple, effective solution that can address the needs of a small business environment. In a large environment one needs to be careful of accidentally crossing a low-performance firewall, as the connections table could fill up very quickly because of the initial port scanning engine.
Things I Like
- Simple setup
- Simple-to-use interface
- Powerful Nessus-backed scan engine
- The vulnerability summary page gives a good overview
Things I Dislike
- The interface is a little bit slow
- The interface uses quite possibly the ugliest “loading” image
- Difficult to customize outside of working directly on the system
Vulnerability Summary Tab

Thoughts
I generally like the interface a lot better than I enjoy the Windows version of Nessus. VAM Lite also gives you a much nicer interface for management as opposed to simple reports. The simple-to-use interface and easy setup make it an excellent solution for labs or security enthusiasts who wish to test out products or systems in their environments. VAM Lite comes in two forms, virtual machine and ISO. For my part, the virtual machine was the best solution. VAM Lite is a must-have for laboratory environments and should be tried out by all (especially since it is free!).
Check It Out
Check out VAM Lite under “Freeware Products” on StillSecure’s website, www.stillsecure.com.


