MaxPatrol TM is made for managing vulnerabilities and compliance on corporate information systems. Penetration testing, system checks, and compliance monitoring are at the core of MaxPatrol TM. Together, these mechanisms give an objective picture of the security stance across IT infrastructure as well as granular insight at the department, host, and application level—precisely the information needed to quickly detect vulnerabilities and prevent attacks.
Product overview
Key functions
ELIMINATE YOUR NETWORK BLIND SPOTS
- MaxPatrol TM makes it a cinch to keep an up-to-date inventory of IT assets. View information about network resources (network addresses, OS, available network applications and services), identify hardware and software in use, and monitor the state of updates.
- Best of all, it sees changes to your IT infrastructure. MaxPatrol TM doesn't blink as new accounts and hosts appear, or as hardware and software are updated.
- Information about the state of infrastructure security is quietly collected and processed. This information includes any connected modems, wireless and external USB devices, software and hardware configurations, network device configurations, lists of installed software, users, and access roles.
IN-DEPTH ANALYSIS OF ALL YOUR SYSTEMS
- Network and system scanning detects vulnerabilities, misconfigurations, and weak passwords. Vulnerabilities are identified based on CVE, WASC Threat Classification, OWASP Top 10, and the Positive Technologies vulnerability database, with CVSS scoring.
- MaxPatrol TM performs comprehensive analysis of complex systems, including Windows, Linux, Unix, network equipment (Cisco, Juniper, Huawei, Check Point), virtualization systems (Hyper-V, VMware), web servers (Microsoft IIS, Apache HTTP Server, Nginx), and web application servers (IBM WebSphere, Oracle WebLogic, Apache Tomcat).
- MaxPatrol TM analyzes the security of web applications and detects most kinds of web application vulnerabilities: SQL Injection, Cross-Site Scripting (XSS), Remote Code Execution (RCE), and many more.
- Supported database software includes Microsoft SQL, Oracle, PostgreSQL, MySQL, MongoDB, and Elastic. Nothing slips by: network interaction settings, authentication, user rights and privileges, and update management are all checked.
- Vulnerabilities in SAP ERP systems are detected as well.
- Users get scan reports with a wealth of information on inventory, fixed vulnerabilities, changes in security of individual hosts and departments, and overall state of IT security.
POWERFUL AND FLEXIBLE COMPLIANCE
- MaxPatrol TM verifies infrastructure for compliance with technical security standards set by CIS, SAP, VMware, and Positive Technologies.
- Ensure compliance with security policies, ranging from simple technical requirements (password length or lifetime, for example) to more complex ones (no out-of-date software).
- Security policies are customizable.
- Support for high-level standards (ISO/IEC 27001, PCI DSS, CIS) is built in.
AUTOMATION AND MEASUREMENT OF SECURITY PROCESSES
- MaxPatrol TM automates inventory, vulnerability management, verification of security policy compliance, and change monitoring.
- Process automation reduces outlays for audits, security monitoring, and project preparation.
- Measure IT and infosec performance with an extensible set of security metrics and KPIs: monitor system status, scans, and comparisons between departments.
- Standards and policies can be customized to fit your company.
Architecture
The architecture of MaxPatrol TM is flexible: scale up and deploy at companies of any size. Match MaxPatrol TM to your infrastructure by picking the number of servers, scanners, and scanning modes.
The core of the system is MP Server. This management module is the go-to place for configuring the system. It includes MP Scanner, which scans, collects, and processes data. If necessary, connect additional scanning modules to MP Server. Adding modules improves scanning speed and sensitivity to network topology.
On large distributed systems, MaxPatrol Consolidation Server is just the thing. This server aggregates information from multiple MP Server modules for a full portrait of the entire IT infrastructure.
MaxPatrol Local Update Server (LUS) is the repository for the knowledge base, which contains information on checks, vulnerabilities, and standards.
MaxPatrol Mobile Server is a special version designed for mobile computers.
Minimum deployment
For a small office, all that's needed is a single MP Server with built-in scanner and management console. This is the minimum deployment option for MaxPatrol TM.
Mid-sized company
On mid-sized networks, MaxPatrolTM is designed to connect to multiple scanners.
Additional scanners help you to:
- Scale the system (when you need to scan a large number of hosts).
- Scan low-bandwidth network segments.
- Compensate for network topology, such as if security solutions or management interfaces are on a separate virtual network (VLAN).
Large company with multiple offices
At larger companies with multiple offices, MP Server is installed at each location. MP Consolidation Server and MP Local Update Server are deployed centrally at headquarters.
MP Consolidation Server is the hub for collecting and storing scan results from MP Server deployments, enabling centralized reporting.
Resources
►
Licenses and Certificates
►
Key product info
Benefits
Extensive knowledge base
MaxPatrol TM checks devices for more than 117,000 vulnerabilities. Positive Technologies experts are constantly investigating new threats and adding methods for detection to the knowledge base.
World-class expertise
Industry-recognized consultants and security experts make our knowledge base what it is. The product supports more than 180 information security standards, as well as in-house standards developed by Positive Technologies.
Far-reaching support
MaxPatrol TM supports more than 1,000 systems. Detect vulnerabilities and analyze configurations in Windows and Linux applications, network equipment, database software, and ERP solutions.
Customizable checks
MaxPatrol TM can check for compliance with main standards (ISO 27001, PCI DSS, and CIS), as well as any corporate security rules your company has created independently.
Multi-tiered reporting
Built-in report options give a full picture of the real state of your entire IT infrastructure. Reports are designed both for technical contributors and for management.
Automated vulnerability management
MaxPatrol TM is a thoughtful, comprehensive automated solution that combines all the mechanisms needed to assess the state of IT infrastructure and monitor your company's true level of security.
Integration
Update management, consolidation, and event correlation systems can be integrated with MaxPatrol TM to build a full-fledged corporate vulnerability management system.
Minimal false positives
Special mechanisms in MaxPatrol TM work to reduce the odds of a false vulnerability detection.
Safe to use
Flexible access controls limit visibility at various levels of the IT system tree. Each user can be assigned a list of allowed tasks.
Usage scenarios
Operational security controls
The knowledge base of standards and vulnerabilities in MaxPatrol TM gives an enormous advantage in the fight against vulnerabilities, configuration errors, and non-compliance. Clients can take advantage of the extensive knowledge base as well as develop their own requirements for IT systems and infosec monitoring processes.
- Detailed descriptions of issues and resolution recommendations accelerate the process of fixing non-compliance. Reporting and KPI functionality make infrastructure security and compliance checks easy to grasp.
MaxPatrol TM features combine to:
- Detect vulnerabilities on your infrastructure.
- Formalize and automate system audit processes.
- Enforce technical standards.
- Monitor changes in system status.
Automation of security
MaxPatrol TM enables automating ongoing inventory, audit, compliance verification, and change monitoring tasks for IT and security teams. Automating processes reduces overhead. Better still, these processes can now be performed much more often, which means fresher and more up-to-date information for system administrators.
Reports in MaxPatrol TM can show progress in achieving departmental KPIs (such as number of vulnerabilities on hosts, average time to patch, and compliance percentage). MaxPatrol TM gives clients:
- Significant time savings and more efficient processes for monitoring and change management.
- Objective key performance indicators (KPIs) for assessing IT and infosec effectiveness
Audit checks
Pentesting and auditing mechanisms in MaxPatrol TM give a timely view of the state of IT and infosec at the company—and even better, identify the most vulnerable devices and systems. Automated change monitoring feeds an up-to-date picture of security stance. Compliance monitoring gives a visual, easy-to-understand overview of how the current situation is compliant (or non-compliant) with configuration and protection requirements.
With MaxPatrol TM, companies can:
- Maintain current information on system assets.
- Conduct technical audits in a time-efficient way.
- Get technical and administration information.
Mergers and acquisitions
Mergers and acquisitions often lead to an unintentional weakening in security stance. Integrating IT systems at different levels, based on different approaches and infrastructures, is never a pain-free process. Infosec and IT teams are often tasked with "bolting on" an outside system and bringing it up to an acceptable level of security with maximum speed. Whether fully overhauling the infrastructure, or merely bridging systems without significant changes, there are a lot of choices to make. And when merging IT infrastructures from different companies, it becomes absolutely crucial to consistently identify problem spots, measure readiness, and track progress.