Nessus Network Auditing

Planning a Deployment

In the following section we will help you outline your plan for deployment.

Define Your Needs

Before scanning your enterprise network for security holes, you must remember that simply scanning anything that has an IP address will not bring you the expected benefits unless you can handle the huge number of vulnerabilities that are likely to appear in the report.

Our experience shows that on a typical vulnerability scan in a medium-to-large enterprise, each host scanned returns an average of 3 high-risk, 5 medium, and about 10 low-risk vulnerabilities. Quick math will show that scanning a small subnet of 100 hosts will return around 300 high-risk vulnerabilities and about 1,800 vulnerabilities in total. This computation doesn't take into account that some vulnerabilities might be the same on different computers, or that the same vulnerability might exist on different ports on the same machine.
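The estimate above, and the effect of the duplicates it leaves out, worked through as an added example that is not from the book. The findings list, check IDs and addresses are constructed, and the tuple layout is an assumption rather than a Nessus report format.

```python
from collections import defaultdict

# Constructed sample findings: (host, port, check_id, severity).
# The check IDs and addresses are made up for illustration.
SAMPLE_FINDINGS = [
    ("10.0.0.5", 80,  "CHK-001", "high"),
    ("10.0.0.5", 443, "CHK-001", "high"),    # same issue, second port
    ("10.0.0.6", 80,  "CHK-001", "high"),    # same issue, second host
    ("10.0.0.6", 22,  "CHK-002", "medium"),
    ("10.0.0.7", 22,  "CHK-002", "medium"),
    ("10.0.0.7", 25,  "CHK-003", "low"),
]

def estimate_raw_findings(hosts, per_host):
    """Scale per-host averages (the text's 3/5/10) to a subnet."""
    by_sev = {sev: n * hosts for sev, n in per_host.items()}
    by_sev["total"] = sum(by_sev.values())
    return by_sev

def summarize(findings):
    """Compare raw report rows with the distinct issues behind them."""
    hosts_per_check = defaultdict(set)
    severity = {}
    for host, port, check_id, sev in findings:
        hosts_per_check[check_id].add(host)   # collapses repeated ports
        severity[check_id] = sev
    host_issue_pairs = sum(len(h) for h in hosts_per_check.values())
    order = {"high": 0, "medium": 1, "low": 2}
    # Worklist: highest severity first, then the widest-spread issue.
    worklist = sorted(
        ((severity[c], c, sorted(h)) for c, h in hosts_per_check.items()),
        key=lambda row: (order[row[0]], -len(row[2]), row[1]),
    )
    return {
        "raw_rows": len(findings),
        "host_issue_pairs": host_issue_pairs,
        "distinct_issues": len(hosts_per_check),
        "worklist": worklist,
    }

if __name__ == "__main__":
    print(estimate_raw_findings(100, {"high": 3, "medium": 5, "low": 10}))
    for sev, check, hosts in summarize(SAMPLE_FINDINGS)["worklist"]:
        print(f"{sev:6} {check} affects {len(hosts)} host(s): {', '.join(hosts)}")
```

Grouping by check rather than by report row is what turns the raw count into a list of distinct issues to assign and fix.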

According to an old Chinese proverb, if what we know is the contour of a circle, and what we do not know is the inside of that circle, the more we know the less we know that we do not know. We therefore must prepare beforehand so we're not overwhelmed by the amount of information we will receive once we start scanning the network. We will divide the preparation into three parts: planning, preparation, and segmentation.

Planning

Some companies consider their customer database their most critical asset. Others consider the CEO's laptop most sensitive. Others still will mark their file server...
