Network Management solution provider SolarWinds has announced updates to its Network Configuration Manager, which now comes with automated vulnerability scanning as well as new compliance report options.
The latest version of the software uses the “National Vulnerability Database (NVD) in a Security Content Automation Protocol (SCAP) compliant manner to identify device vulnerabilities and provide automated remediation actions,” the company said in a statement.
Specifically, scanning on Cisco’s Adaptive Security Appliance and Internetwork Operating System-based devices has been automated and enhanced using Common Vulnerabilities and Exposures published by NVD. It also supports “out-of-of-the-box” Security Technical Implementation Guide compliance reports required by the National Institute of Standards and Technology Federal Information Security Management Act and the Defense Information System Agency.
“For IT pros, it is important to ensure that network devices themselves, and the software that they run on, do not contain weaknesses and that any new vulnerabilities are remediated quickly,” said Nikki Jennings, group vice president of products and markets at SolarWinds in a statement.
The company said that using integrated access to the CVE system published in SCAP format, a match between a vulnerability and a device will trigger an alert from SolarWinds NCM, which can be responded to with an interactive report and automatic remediation actions.
NCM automatically analyses for compliance with NIST FISMA, DISA STIGs, and provides templates for the Payment Card Industry Data Security Standards (PCI DSS), Health Insurance Portability and Accountability Ace (HIPAA) and other standards.