VIVAS: Vulscan automation in complex networking environments
Vulnerability scanning is part of an established IBM business process in accordance with corporate guideline ITCS 104, which also applies to servers and devices in the IBM shared-services infrastructure layer and to many customer network segments. Although secure tunneling across firewalls is not guaranteed to reveal all vulnerabilities, it is difficult to deploy individual appliances or scan boxes into the many, typically rather small, network segments. An innovative and cost-effective solution was therefore designed in 2005 by NSD (Network Service Delivery) Germany in collaboration with the ZRL team. This led to the Vulscan Automation solution, which is used by the IBM Shared Networking Infrastructure (SNI) and the On-demand Data Center Services (ODCS).
The Vulscan Automation solution has been developed and is maintained by our team at ZRL and is operated by IBM and AT&T for the IBM European North East delivery centers (gSNI Ehningen, Berlin, Erfurt, Meerbusch, Schweinfurt, Frankfurt Rhein/Main, ODCS Brussels, and some IMTs such as Belgium and The Netherlands). The system provides automatic scheduling, launching, collecting, normalizing and reporting of data from a diverse set of discovery and vulnerability scanning tools, including the IBM ISS scanners. Secure access to the various network segments uses a dedicated infrastructure operated through SSH tunnels. Given the substantial cost savings achieved, corresponding deployment activities are ongoing. This service can also be ordered for our SO customers, as well as for existing and new accounts.