MaxPatrol

• MaxPatrol ^TM makes it a cinch to keep an up-to-date inventory of IT assets. View information about network resources (network addresses, OS, available network applications and services), identify hardware and software in use, and monitor the state of updates.
• Best of all, it sees changes to your IT infrastructure. MaxPatrol ^TM doesn't blink as new accounts and hosts appear, or as hardware and software are updated.
• Information about the state of infrastructure security is quietly collected and processed. This information includes any connected modems, wireless and external USB devices, software and hardware configurations, network device configurations, lists of installed software, users, and access roles.

• Network and system scanning detects vulnerabilities, misconfigurations, and weak passwords. Vulnerabilities are identified based on CVE, WASC Threat Classification, OWASP Top 10, and the Positive Technologies vulnerability database, with CVSS scoring.
• MaxPatrol ^TM performs comprehensive analysis of complex systems, including Windows, Linux, Unix, network equipment (Cisco, Juniper, Huawei, Check Point), virtualization systems (Hyper-V, VMware), web servers (Microsoft IIS, Apache HTTP Server, Nginx), and web application servers (IBM WebSphere, Oracle WebLogic, Apache Tomcat).
• MaxPatrol ^TM analyzes the security of web applications and detects most kinds of web application vulnerabilities: SQL Injection, Cross-Site Scripting (XSS), Remote Code Execution (RCE), and many more.
• Supported database software includes Microsoft SQL, Oracle, PostgreSQL, MySQL, MongoDB, and Elastic. Nothing slips by: network interaction settings, authentication, user rights and privileges, and update management are all checked.
• Vulnerabilities in SAP ERP systems are detected as well.
• Users get scan reports with a wealth of information on inventory, fixed vulnerabilities, changes in security of individual hosts and departments, and overall state of IT security.

• MaxPatrol ^TM verifies infrastructure for compliance with technical security standards set by CIS, SAP, VMware, and Positive Technologies.
• Ensure compliance with security policies, ranging from simple technical requirements (password length or lifetime, for example) to more complex ones (no out-of-date software).
• Security policies are customizable.
• Support for high-level standards (ISO/IEC 27001, PCI DSS, CIS) is built in.

• MaxPatrol ^TM automates inventory, vulnerability management, verification of security policy compliance, and change monitoring.
• Process automation reduces outlays for audits, security monitoring, and project preparation.
• Measure IT and infosec performance with an extensible set of security metrics and KPIs: monitor system status, scans, and comparisons between departments.
• Standards and policies can be customized to fit your company.

For a small office, all that's needed is a single MP Server with built-in scanner and management console. This is the minimum deployment option for MaxPatrol ^TM.

On mid-sized networks, MaxPatrolTM is designed to connect to multiple scanners.

Additional scanners help you to:

• Scale the system (when you need to scan a large number of hosts).
• Scan low-bandwidth network segments.
• Compensate for network topology, such as if security solutions or management interfaces are on a separate virtual network (VLAN).

At larger companies with multiple offices, MP Server is installed at each location. MP Consolidation Server and MP Local Update Server are deployed centrally at headquarters.

MP Consolidation Server is the hub for collecting and storing scan results from MP Server deployments, enabling centralized reporting.