ProRapid7 NeXpose 4.1
- By Carlos A. Soto
- Jul 27, 2006
Good scanning timesCons:
Complicated interface; not ideal for large installationsPrice:
$12,000 for 64 IP addressesPerformance:
BEase of use:
One problem with older versions of Rapid7 NeXpose was that it took a long time to scan networks, particularly when it came to its antivirus services. In the latest version of NeXpose, Rapid7 has increased all its scanning speeds, built up its policy library and improved the asset inventory capabilities. At the same time, the software includes redesigned wizards to guide users through the features with greater ease.
In fact, we can't find a single feature in this new installment that hasn't been improved or redesigned. But that doesn't mean NeXpose is perfect. Despite the makeover, we still find the interface less intuitive and the features not yet as efficient, fast or detailed as those in the BigFix and Altiris suites.
Still, there was much we liked in NeXpose 4.1, such as the Global Search feature, which makes it easier to find and prioritize vulnerabilities. Admins can quickly create full-text queries for asset groups, sites, devices or vulnerabilities in a database. We also liked the software's ability to confirm vulnerability remediation using its Ticketing System and Baseline Report. The ticketing system in NeXpose is the most robust in the review and can make a big difference in keeping track of some of the smaller vulnerabilities that turn into serious problems.
NeXpose is also affordable, able to cover 64 independent IP addresses for as little as $12,000. And unlike the other suites we tested, you can buy NeXpose in a plug-and-play appliance for quicker installations.
Rapid7 has made government inroads, with deployments at the Securities and Exchange Commission, Homeland Security Department and various state and local agencies. However, we don't see large-scale NeXpose deployments saving IT departments as much money or time as other products might.
It still takes too long to scan a network, and the interface is too complex to navigate quickly. Nevertheless, in the appliance format, NeXpose could be the robust vulnerability management suite that small or midsize agencies are looking for.
Rapid7 LLC, Boston, (617) 247-1717, www.rapid7.com