3 OPENVAS SCAN – Overview

OPENVAS SCAN is a dedicated appliance for vulnerability scanning and vulnerability management. It is offered in different performance levels.

3.1 Hardware Appliances

Tip

A full product overview of all OPENVAS SCAN models can be found here.

3.1.1 Large Companies – OPENVAS SCAN G90

OPENVAS SCAN G90 is designed for the operation in large companies.

It can control other appliances as sensors and can also be controlled as remote scanner by other appliances.

The appliance comes in a 2U 19” chassis for easy integration into the data center. For simple installation and monitoring, it is equipped with a two-line LC display with 16 characters per line. For uninterruptible operation, it has redundant, hot-swappable power supplies, 4 solid-state drives (SSDs) and fans.

The appliance uses RAID (Redundant Array of Independent Disks) 6 as a software RAID. RAID is a data storage virtualization technology that combines multiple HDD components into one or more logical units for the purposes of data redundancy.

For managing the appliance, a serial port is available, in addition to two out-of-band management Ethernet ports (RJ45).

To connect to other systems, the appliance comes with a built-in module with 8 RJ45 Ethernet ports. Additionally, the appliance can be equipped with up to three more modules. The following modules can be used in any order:

  • Module(s) with 8 ports RJ45 (copper)

  • Module(s) with 8 ports 1 GbE SFP (Small Form-factor Pluggable)

  • Module(s) with 2 ports 10 GbE SFP+ (Enhanced Small Form-factor Pluggable)

3.1.2 Large Companies – OPENVAS SCAN 6500/5400

OPENVAS SCAN 6500 and OPENVAS SCAN 5400 are designed for the operation in large companies.

They can control other appliances as sensors and can also be controlled as remote scanners by other appliances.

The appliances come in a 2U 19” chassis for easy integration into the data center. For simple installation and monitoring, they are equipped with a two-line LC display with 16 characters per line. For uninterruptible operation, they have redundant, hot-swappable power supplies, 4 solid-state drives (SSDs) and fans.

The appliances use RAID (Redundant Array of Independent Disks) 6 as a software RAID. RAID is a data storage virtualization technology that combines multiple HDD components into one or more logical units for the purposes of data redundancy.

For managing the appliances, a serial port is available, in addition to two out-of-band management Ethernet ports (RJ45).

To connect to other systems, the appliances come with a built-in module with 8 RJ45 Ethernet ports. Additionally, the appliances can be equipped with up to three more modules. The following modules can be used in any order:

  • Module(s) with 8 ports RJ45 (copper)

  • Module(s) with 8 ports 1 GbE SFP (Small Form-factor Pluggable)

  • Module(s) with 2 ports 10 GbE SFP+ (Enhanced Small Form-factor Pluggable)

3.1.3 Medium-Sized Companies and Branches – OPENVAS SCAN G30/G10

OPENVAS SCAN G30 and OPENVAS SCAN G10 are designed for medium-sized companies and larger branch offices.

They can control other appliances as sensors and can also be controlled as remote scanners by other appliances.

The appliances come in a 1U 19” chassis for easy integration into the data center. For simple installation and monitoring, they are equipped with a two-line LC display with 16 characters per line. For uninterruptible operation, the appliances come with redundant fans.

For managing the appliance, a serial port is available in addition to a management Ethernet port. The serial port is set up as a Cisco-compatible console port.

To connect to other systems, the appliances are equipped with ten ports in total, pre-configured and set up as follows:

  • 8 ports RJ45 (copper)

  • 2 ports 10 GbE SFP+ (Enhanced Small Form-factor Pluggable)

A modular configuration of the ports is not possible. One of these ports is also used as management port.

3.1.4 Medium-Sized Companies and Branches – OPENVAS SCAN 650/600/450/400

OPENVAS SCAN 650, OPENVAS SCAN 600, OPENVAS SCAN 450 and OPENVAS SCAN 400 are designed for medium-sized companies and larger branch offices.

They can control other appliances as sensors and can also be controlled as remote scanners by other appliances.

The appliances come in a 1U 19” chassis for easy integration into the data center. For simple installation and monitoring, they are equipped with a two-line LC display with 16 characters per line. For uninterruptible operation, the appliances come with redundant fans.

For managing the appliance, a serial port is available in addition to a management Ethernet port. The serial port is set up as a Cisco-compatible console port.

To connect to other systems, the appliances are equipped with ten ports in total, pre-configured and set up as follows:

  • 8 ports RJ45 (copper)

  • 2 ports 10 GbE SFP+ (Enhanced Small Form-factor Pluggable)

A modular configuration of the ports is not possible. One of these ports is also used as management port.

3.1.5 Small Companies and Branches – OPENVAS SCAN 150

OPENVAS SCAN 150 is designed for small companies as well as for small to medium-sized branch offices.

Controlling sensors in other security zones is not considered. However, OPENVAS SCAN 150 itself can be controlled as a remote scanners by other appliances.

The appliance comes in a 1U 19” chassis for easy integration into the data center. For simple installation and monitoring, it is equipped with a two-line LC display with 16 characters per line. For uninterruptible operation, the appliance comes with redundant fans.

For managing the appliance, a serial port is available in addition to a management Ethernet port. The serial port is set up as a Cisco-compatible console port.

To connect to other systems, the appliance is equipped with ten ports in total, pre-configured and set up as follows:

  • 8 ports RJ45 (copper)

  • 2 ports 10 GbE SFP+ (Enhanced Small Form-factor Pluggable)

A modular configuration of the ports is not possible. One of these ports is also used as management port.

3.1.6 Sensor – OPENVAS SCAN 35

OPENVAS SCAN 35 is designed as a sensor for distributed scan systems.

The appliance can only be used in sensor mode and has to be managed via a master appliance. For this reason, it does not have a web interface itself. Appliances from OPENVAS SCAN 400/DECA can be utilized as masters for OPENVAS SCAN 35.

The appliance comes in a 1U steel chassis. For easy integration into the data center, an optional rackmount kit can be used. The appliance does not come with a display.

For managing the appliance, a serial port is available in addition to a management Ethernet port. The serial port is set up as a Cisco-compatible console port.

To connect to other systems, the appliance comes with four GbE-Base-TX (copper) ports in total. One of these ports is also used as management port.

3.2 Virtual Appliances

Tip

A full product overview of all OPENVAS SCAN models can be found here.

3.2.1 Companies of All Sizes – OPENVAS SCAN VIRTUAL

OPENVAS SCAN VIRTUAL is designed for companies of all sizes. The scan performance depends on the capacities of the used hypervisor.

It can control other appliances as sensors and can also be controlled as remote scanner by other appliances.

To connect to other systems, the appliances come with eight dynamic, virtual ports in total.

One of these ports is also used as management port.

3.2.2 Medium-Sized Companies and Branches – OPENVAS SCAN EXA/PETA/TERA/DECA

OPENVAS SCAN EXA, OPENVAS SCAN PETA, OPENVAS SCAN TERA and OPENVAS SCAN DECA are designed for medium-sized companies and larger branch offices.

They can control other appliances as sensors and can also be controlled as remote scanners by other appliances.

To connect to other systems, the appliances come with eight dynamic, virtual ports in total in case of OPENVAS SCAN EXA/PETA/TERA, or with four dynamic, virtual ports in total in case of OPENVAS SCAN DECA.

One of these ports is also used as management port.

3.2.3 Small Companies – OPENVAS SCAN CENO

OPENVAS SCAN CENO is designed for small companies as well as for small to medium-sized branch offices.

Controlling sensors in other security zones is not considered. However, OPENVAS SCAN CENO itself can be controlled as a remote scanners by other appliances.

To connect to other systems, the appliance comes with four dynamic, virtual ports in total.

One of these ports is also used as management port.

3.2.4 Sensor – OPENVAS SCAN 25V

OPENVAS SCAN 25V is designed as a sensor for distributed scan systems.

The appliance can only be used in sensor mode and has to be managed via a master appliance. For this reason, it does not have a web interface itself. Appliances from OPENVAS SCAN 400/DECA can be utilized as masters for OPENVAS SCAN 25V.

To connect to other systems, the appliance comes with four dynamic, virtual ports in total.

One of these ports is also used as management port.

3.2.5 Entry-Level Solution – OPENVAS BASIC

OPENVAS BASIC is designed as an entry-level appliance with a reduced feature set. It can neither control other appliances as sensors nor be controlled as a sensor by another appliance.

The appliance comes with one virtual port used for management, scan and updates.

Note

It is required to use OPENVAS BASIC with the OPENVAS ENTERPRISE FEED. Using the OPENVAS COMMUNITY FEED is not possible.

For OPENVAS BASIC, an OPENVAS ENTERPRISE FEED subscription key does not include access to the Greenbone Support Team by default. Access must be purchased separately. For further details, contact sales@greenbone.net.

3.2.6 Entry-Level Solution – OPENVAS SCAN ONE

OPENVAS SCAN ONE is designed as an entry-level appliance with a reduced feature set. It can neither control other appliances as sensors nor be controlled as a sensor by another appliance.

The appliance comes with one virtual port used for management, scan and updates.