RE: Experiences with company nCircle and their IP360 product

From: Glenn D Fournier (gdf_bah@comcast.net)
Date: Thu Nov 24 2005 - 08:52:34 EST


I was part of a team that evaluated a number of vulnerability management
products for use within a major government agency. The products evaluated
were nCircle IP360, Foundstone, and Tenable's Lightning Console. From the
initial discussions with vendors, nCircle seemed to be very promising, until
we visited another agency that used the product. Bandwidth consumption was
very high, throttling of the tool could alleviate this problem, but
depending on the size of the network, this would translate into an excessive
amount of time to conduct scanning. Also, nCircle was basically an "always
on" product. Scans could not be paused or suspended, short of isolating the
scanner from the network.

In the long run, our team decided on Foundstone, which has been
disappointing since we have implemented it. My personal choice was Tenable,
and I would still prefer it over nCircle or Foundstone.

-----Original Message-----
From: Bongers, Coen [mailto:coen.bongers@logicacmg.com]
Sent: Wednesday, November 23, 2005 8:25 AM
To: pen-test@securityfocus.com
Subject: Experiences with company nCircle and their IP360 product

<Message to moderator: I cross-posted this message, because it might be
an interessting issue for both lists>

Hello people,

As a lurking list-user I have allready seen a lot of good information on
these mailing lists. But now I would like to fire-off a question myself;

Does any of the listmembers have any experience with the security
company nCircle and their products? Their product IP360 in particular
has my interest.

The SanFrancisco and Londen based company has some interesting products
for vulnerabillity management and Intrusion Detection. I've met with
representatives of nCircle at some security-fairs in the past and they
strike me as very professional and capable people. Also their products
seem qualitative to me.

Last weeks I've followed a discussion on best pen-test tools on these
mailing lists, but I cannnot remember seeing anything about nCircle's
products.

So, any input on experience with their products and with the company
(European office) would be appriciated.

Possible subjects (amongst others) for response could be;

        -Easo of implementation
        -Ease-of-use
        -Support quality and speed
        -Missing features / unique features
        -Ease of integreation with other systems
        -Portabillity to other networks
        -etc

Met vriendelijke groet / with kind regards,

Coen Bongers

Security Consultant

________________________________________

LogicaCMG

* Coen.Bongers@logicacmg.com <mailto:Coen.Bongers@logicacmg.com>

Website: http://www.logicacmg.com <http://www.logicacmg.com/>

________________________________________________________________________
________________________________________________________________________
____________________________________________________

The information contained in this email and its attachments (if any) is
confidential and may be legally privileged. It is intended solely for
the use of the individual or entity to whom it is addressed and others
authorised to receive it. If you are not the intended recipient you are
hereby notified that any disclosure, copying, distribution or action in
reliance of the contents of this information is strictly prohibited and
may be unlawful. LogicaCMG is neither liable for the proper and complete
transmission of the information contained in this email nor for any
delay in its receipt. If received in error, please contact LogicaCMG on
+31 (0)40 295 77 77 quoting the name of the sender and the addressee and
then delete it from your system. LogicaCMG does not accept any
responsibility for viruses and it is your responsibility to scan the
email and attachments.

________________________________________________________________________
________________________________________________________________________
____________________________________________________

This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential
information and/or be subject to legal privilege. It should not be copied,
disclosed to, retained or used by, any other party. If you are not an
intended recipient then please promptly delete this e-mail and any
attachment and all copies and inform the sender. Thank you.

----------------------------------------------------------------------------

--
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers
do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:11 EDT