Introduction
As a top-level MSP engineer, my day-to-day responsibilities involve navigating the complex world of network vulnerabilities and security threats. A significant part of my role includes addressing and remediating vulnerabilities identified by various security tools. Often, I’m presented with two crucial lists: one containing a set of IP addresses and the other detailing specific security issues.
However, aligning these lists to determine which vulnerabilities apply to which device is rarely straightforward. This discrepancy often necessitates extensive investigative work to clarify the situation. Alternatively, I sometimes opt to run targeted scans on the specified IPs to accurately pinpoint which security hits are associated with which devices. This approach allows me to methodically address each issue, ensuring that every aspect of the network’s security is thoroughly covered.
What is Greenbone OpenVAS?
Greenbone OpenVAS (Open Vulnerability Assessment System) is an open-source vulnerability scanner and manager. It’s part of Greenbone’s larger network vulnerability management solution, which includes a vulnerability scanner, a management layer for networked scanners, and a regularly updated feed of Network Vulnerability Tests (NVTs). OpenVAS serves as a comprehensive tool for scanning and managing network vulnerabilities, providing MSPs with crucial insights into the security posture of their managed networks.
Key Features and Uses
Vulnerability Scanning: OpenVAS scans networks for known vulnerabilities, providing detailed reports on potential risks.
Regular Updates: The Greenbone NVT feed ensures up-to-date vulnerability detection.
Scalability: Suitable for scanning small to large networks, making it a versatile tool for MSPs serving diverse clients.
Customizable Scans: MSPs can tailor scans to specific network segments or types of vulnerabilities.
Benefits for MSPs
Comprehensive Security Analysis: OpenVAS offers a thorough understanding of a client’s network security, enabling MSPs to identify and address vulnerabilities proactively.
Cost-Effective: Being open-source, it’s a cost-effective solution compared to proprietary vulnerability assessment tools.
Client Trust and Compliance: Helps MSPs maintain client trust by ensuring compliance with various cybersecurity standards.
Automated and Regular Scanning: Automates the process of vulnerability scanning, saving time and resources for MSPs.
Potential Drawbacks
Complexity in Setup and Management: OpenVAS can be complex to set up and manage, especially for those unfamiliar with open-source tools.
Resource Intensive: Large-scale scans can be resource-intensive, potentially impacting network performance.
Limited Support: As an open-source tool, it lacks the dedicated support that comes with commercial products.
Detailed Description and MSP Use Cases
OpenVAS is not just a tool for scanning; it’s an integral part of a broader cybersecurity strategy. MSPs can leverage OpenVAS in multiple scenarios:
Routine Security Assessments: Regularly scheduled scans to ensure ongoing security posture management.
Compliance Audits: Using OpenVAS to validate compliance with industry standards.
Incident Response: Employing OpenVAS for a thorough network scan following a security incident.
OpenVAS in MSP Service Offerings
Incorporating OpenVAS into an MSP’s service portfolio enhances their value proposition. It demonstrates a commitment to proactive security management, potentially expanding market opportunities and client retention.
Conclusion: Balancing Pros and Cons
While OpenVAS presents certain challenges, particularly in terms of complexity and resource demands, its benefits as a comprehensive, cost-effective vulnerability assessment tool are undeniable. For MSPs, the ability to offer detailed security analyses using an open-source tool like OpenVAS can significantly enhance their service offerings, helping to build trust with clients and ensure their networks remain secure against a backdrop of ever-evolving cyber threats.
ITInnovationStation 
Leave a comment