Understanding Advisor

Advisor is an optional subscription service that provides device-level correlation between real-time events from intrusion detection and prevention systems and enterprise vulnerability scan results. By providing normalized attack information, Advisor acts as an early warning service to detect attacks against vulnerable systems. It also provides associated remediation information.

NOTE: You must also have the optional Advisor license in order to view the tab correctly. Otherwise you will see a notification that you are not licensed for Advisor. In addition, access to the Advisor tab is controlled by the administrator on a user-by-user basis.

The Advisor data feed is updated on a regular basis as new vulnerabilities are reported. It contains two parts:

The following intrusion detection and intrusion prevention systems are supported by Advisor:

      • Cisco Secure IDS

      • Enterasys Dragon Host Sensor

      • Enterasys Dragon Network Sensor

      • ISS BlackICE PC Protection

      • ISS RealSecure Desktop

      • ISS RealSecure Network

      • ISS RealSecure Server Sensor

      • ISS RealSecure Guard

      • Snort/Sourcefire

      • Symantec ManHunt

      • Symantec Intruder Alert

      • McAfee IntruShield

The following enterprise vulnerability scanners are supported by Advisor:

      • Database Scanner

      • Foundstone

      • Internet Scanner

      • nCircle IP360

      • Nessus

      • Phalanx

      • QualysGuard

      • Retina

      • System Scanner

      • Wireless Scanner