Mh... I believe there are many other costs involved. Does Qualys provide source code to signatures? What is the cost (time/resources) of investigating false positives without this information? On the other hand, with commercial products you have someone to blame if the performance or results of a product are not satisfactory (based on a contract), however, no matter how excelent nessus is, there is no one forced to give you support with nessus (unless you buy support from another company; I also believe Renaud Deraison was working on a distributed nessus architecture that might be based on appliances and provide you with commercial support but I'm not sure). Omar > Yesterday some reps from Qualys came with a sales > presentation for their QualysGuard appliance. I'd like to > solicit your comments and opinions on that product. In > particular, do you think it's $45,000 per year better than > Nessus? (That's about the cost we'd face based on our IP > address range.) They claim it costs as much in > administration to run Nessus. Does Qualys' claim to more > vulnerability signatures and faster/easier updates hold > water? top spam and e-mail risk at the gateway. SurfControl E-mail Filter puts the brakes on spam & viruses and gives you the reports to prove it. See exactly how much junk never even makes it in the door. Free 30-day trial: http://www.surfcontrol.com/go/zsfptl1
This archive was generated by hypermail 2b30 : Thu Mar 27 2003 - 12:46:07 PST