3. Greenbone Security Manager – Overview

The Greenbone Security Manager (GSM) is a dedicated appliance for vulnerability scanning and vulnerability management. It is offered in different performance levels.

3.1. Physical Appliances

3.1.1. Enterprise Class – GSM 5400/6500

The GSM 6500 and GSM 5400 are designed for operation in large companies and agencies.

The appliances of the Enterprise Class can control other appliances as sensors. The appliances themselves can be controlled as remote sensors by another appliance.

Fig. 3.1 GSM of the Enterprise Class

The appliances in the Enterprise Class come in a 2U 19” chassis for easy integration into the data center. For easy installation and monitoring they are equipped with a two-line LCD display with 16 characters per line. For uninterruptible operation they have redundant, hot-swappable power supplies, hard drives and fans.

For managing the appliance, a serial port is available in addition to an out-of-band management Ethernet port. The serial port is set up as a Cisco-compatible console port.

To connect to the monitored systems the appliances can be equipped with three modules. The following modules can be used in any order:

  • 8 ports Gigabit Ethernet 10/100/1000 Base-TX (copper)
  • 8 ports Gigabit Ethernet SFP (Small Form-factor Pluggable)
  • 2 ports 10-Gigabit Ethernet XFP

3.1.2. Midrange Class – GSM 400/450/600/650

The GSM 400, GSM 450, GSM 600 and GSM 650 are designed for medium-sized companies and agencies as well as larger branch offices.

The appliances of the Midrange Class can control other appliances as sensors. The appliances themselves can be controlled as remote sensors by another appliance.

Fig. 3.2 GSM of the Midrange Class

The appliances in the Midrange Class come in a 1U 19” chassis for easy integration into the data center. For easy installation and monitoring they are equipped with a two-line LCD display with 16 characters per line. For uninterruptible operation the appliances come with redundant fans.

For managing the appliance, a serial port is available in addition to a management Ethernet port. The serial port is set up as a Cisco-compatible console port.

To connect to the monitored systems the appliances are equipped with eight ports in total, pre-configured and set up as follows:

  • 6 ports Gigabit Ethernet 10/100/1000 Base-TX (copper)
  • 2 ports Gigabit Ethernet SFP (Small Form-factor Pluggable)

A modular configuration of the ports is not possible. One of these ports is also used as the management port.

3.1.3. SME (Small Enterprise) Class – GSM 150

The GSM 150 is designed for small companies and agencies as well as small to medium branch offices. Controlling sensors in other security zones is not considered. However, the GSM 150 itself can be controlled as a remote sensor by another appliance.

Fig. 3.3 GSM of the SME Class

The appliance comes in a 1U steel chassis. For easy integration into the data center an optional rackmount kit can be used. The appliance does not come with a display.

For managing the appliance, a serial port is available in addition to a management Ethernet port. The serial port is set up as a Cisco-compatible console port.

To connect to the monitored systems the appliance comes with four Gigabit Ethernet 10/100/1000 Base-TX (copper) ports in total. One of these ports is also used as the management port.

3.1.4. Sensor – GSM 35

The GSM 35 is designed as a sensor for smaller companies and agencies as well as small branches.

The GSM 35 must be controlled by an additional appliance in master mode. GSMs of the Midrange and the Enterprise Class (GSM 400 and beyond) can be utilized as masters for the GSM 35.

The appliance comes in a 1U steel chassis. For easy integration into the data center an optional rackmount kit can be used. The appliance does not come with a display.

Fig. 3.4 Physical sensor

For managing the appliance, a serial port is available in addition to a management Ethernet port. The serial port is set up as a Cisco-compatible console port.

To connect to the monitored systems the appliance comes with four Gigabit Ethernet 10/100/1000 Base-TX (copper) ports in total. One of these ports is also used as the management port.

3.2. Virtual Appliances

3.2.1. Midrange Class – GSM DECA/TERA/PETA/EXA

The GSM DECA, GSM TERA, GSM PETA and GSM EXA are virtual appliances designed for medium-sized companies and agencies as well as larger branch offices.

The appliances of the Midrange Class can control other appliances as sensors. The appliances themselves can be controlled as remote sensors by another appliance.

The appliances in the Midrange Class can be deployed using VMware ESXi on Microsoft Windows, MacOS and Linux systems.

Fig. 3.5 GSM of the virtual Midrange Class

To connect to the monitored systems, the GSM TERA/PETA/EXA come with eight dynamic, virtual ports in total and the GSM DECA comes with four dynamic, virtual ports in total.

One of these ports is also used as the management port.

3.2.2. SME (Small Enterprise) Class – GSM 150V/CENO

The GSM 150V/CENO is a virtual appliance designed for small companies and agencies as well as small to medium branch offices. Controlling sensors in other security zones is not considered. However, the GSM 150V/CENO itself can be controlled as a remote sensor by another appliance.

The GSM 150V/CENO can be deployed using VMware ESXi on Microsoft Windows, MacOS and Linux systems.

Fig. 3.6 GSM of the virtual SME Class

To connect to the monitored systems the appliance comes with four dynamic, virtual ports in total.

One of these ports is also used as the management port.

3.2.3. Sensor – GSM 25V

The GSM 25V is designed as a virtual sensor for smaller companies and agencies as well as small branches. It provides a simple and cost-effective option to monitor virtual infrastructures.

The GSM 25V can be deployed using VMware ESXi on Microsoft Windows, MacOS and Linux systems.

The GSM 25V must be controlled by an additional appliance in master mode. GSMs of the Midrange Class and the Enterprise Class (GSM 400 and beyond) can be utilized as masters for the GSM 25V.

Fig. 3.7 Virtual sensor

To connect to the monitored systems the appliance comes with four dynamic, virtual ports in total.

One of these ports is also used as the management port.

3.2.4. Entry Class – GSM ONE

The GSM ONE is designed for specific requirements such as audits using a laptop or educational purposes. It can neither control other sensors nor be controlled as a sensor by another appliance.

The GSM ONE can be deployed using VMware ESXi on Microsoft Windows, MacOS and Linux systems.

Fig. 3.8 GSM ONE

The GSM ONE comes with one virtual port used for management, scanning and updates.

The GSM ONE has all the functions of the Midrange and Enterprise Class except for the following:

  • Master mode: The GSM ONE cannot control other appliances as sensors.
  • Sensor mode: The GSM ONE cannot be controlled as a remote sensor by another appliance.
  • Alerts: The GSM ONE cannot send any alerts via SMTP, SNMP, syslog or HTTP.
  • VLANs: The GSM ONE does not support VLANs on the virtual port.

Note

The GSM ONE is optimized for use on a mobile computer. Features required for enterprise vulnerability management like schedules, alerts and remote scan engines are only available on the full-featured appliances.

3.2.5. Entry Class – GSM MAVEN

The GSM MAVEN is designed for micro offices as well as small branches. It can neither control other sensors nor be controlled as a sensor by another appliance.

The GSM MAVEN can be deployed using VMware ESXi on Microsoft Windows, MacOS and Linux systems.

Fig. 3.9 GSM MAVEN

The GSM MAVEN comes with one virtual port used for management, scanning and updates.

The GSM MAVEN has all the functions of the Midrange and Enterprise Class except for the following:

  • Master mode: The GSM MAVEN cannot control other appliances as sensors.
  • Sensor mode: The GSM MAVEN cannot be controlled as a remote sensor by another appliance.
  • Alerts: The GSM MAVEN cannot send any alerts via SMTP, SNMP, syslog or HTTP.
  • VLANs: The GSM MAVEN does not support VLANs on the virtual port.

Note

The GSM MAVEN is optimized for use on a mobile computer. Features required for enterprise vulnerability management like schedules, alerts and remote scan engines are only available on the full-featured appliances.