When it comes to vulnerability scanning for the datacenter, has anyone recommendations on how to put together a complete package?
It seems like VCM is unique in its ability for me to validate my configuration against the hardening guide without a lot of tweaking.
Tenable can do the hardening guide scan but it is a bit harder and more moving parts.
Ideally we would like to have just one scanning tool and a single pane of glass for scanning and getting reports- is this a realistic goal?
In the datacenter there are multiple things we need to scan:
- Operating Systems
- Physical Network Devices
- Physical Storage Devices like EMC VMAX, VNX, etc.
- vCenter
- ESXi hosts
- Environments like IBM i and P series
Is it reasonable to think you can do it all with one scanning tool and use something like Tenable to scan everything and tweak it for the specifics of each part of the datacenter
? Or are the vendor-specific tools going to be needed everywhere such as VCM for VMware?
