GFI vs Nessus

aaronearles

Any thoughts from people who have experience with one or the other, or preferably both?

We have some internal pentesting coming up, and we'd like to prepare as best we can. I've installed the trial of each, and I really prefer the Nessus interface over GFI's new bloated dashboard setup. I've used their old stuff and was happy with it; it's mostly the new GUI that I don't like. But GFI has the auto-remediation stuff, and their price seems to be a lot better.

Price isn't a huge factor, but we are growing, so I'd like to take that into account. Nessus is a flat rate per year no matter how many IPs; GFI is priced per IP being scanned. On the other hand, GFI allows multiple consoles, while Nessus is licensed per scanner, so external scans would technically require another license unless we install on a laptop. I think I'd prefer a dedicated "scanner appliance" that just runs scheduled scans monthly/quarterly/whatever.

What do you guys think?

For what it's worth, we're a financial institution, so it's all about PCI.
 
I don't have experience with GFI so I can't really give a comparison, but do double check your PCI requirements to make sure you are taking care of the 3rd party requirements. Not everything is allowed to be done in-house.
 
We have requirements to do both an in-house and a 3rd-party pentest for our PCI compliance.
 
Thanks for the responses, guys. We're contracting a third party to perform the scans as well; we'd just like to get automated scheduled scans in place so that we're prepared and have answers for them when they're onsite. I purchased Nessus Pro Feed today and got it all set up, and it's looking pretty good. GFI was significantly cheaper, but lacking the ability to schedule scans and act more like an appliance, I think Nessus is the way to go.
 
I would recommend Qualys, but if you are price sensitive Nessus.

GFI is ok but is really geared for an all windows environment, and since you are a financial institution I assume that you have a lot of *nix boxes.

With a Qualys license you get to use their hosted scanner to do external scans without paying extra, which is really nice for preparation, but you still have to get an ASV to perform the quarterly external scan.
They have a software version and an appliance that you can buy and run in your environment.

Qualys and Nessus both have PCI presets.

Who is your QSA?
 