PRTG Network Monitor is the flagship offering from German software company Paessler, for monitoring local and wide area networks (LANs & WANs), servers, websites, apps, and more.
$1,750
perpetual license
Tenable Nessus
Score 8.3 out of 10
N/A
Tenable headquartered in Columbia offers Nessus, a vulnerability scanning and security assessment solution used to analyze an entity's security posture, vulnerability testing, and provide configuration assessments.
If there are a number of different protocols and devices to monitor PRTG is really an all in one solution. There are network specific solutions, telephony solutions, server solutions, etc - but this tool can do anything. Even if you don't use this tool as your main "monitoring solutions" every IT professional should have access to this tool for at least troubleshooting purposes. If you are looking for something specific built for a task you may be able to find [a] more direct and easy tool to use that would be easier and quicker to setup as customization is not needed.
Nessus is perfectly suitable for performing comprehensive vulnerability assessment scans being a vulnerability scanner. It is less appropriate for performing penetration testing since it is not a penetration testing tool, it does not have the ability and modules to exploit the vulnerabilities of the system.
Very, very configurable. You can create all kinds of monitors for all kinds of things. Plus it has loads of suggestions out of the box. It can get complicated but monitoring is complicated. Pretty decent interface and good support - active community.
I really liked how easy it was to add alerts by SMS. So easy to setup.
I like their sizing models (for purchase). We're actually small enough that we are free. But it's not free as in stripped down - it's free because we don't use many "sensors" and don't honestly have the need.
With Nessus we can find the missing critical patches for a server or workstations.
Nessus points out any vulnerable or outdated software Technologies used in the system, thus eliminating any chances for security flaws being turned up.
Nessus typically points any configuration level issues in accordance with the OWASP guidelines. Even the configuration of SSL related which are most of the time handled by some vendors or 3rd parties.
Nessus not only lists out these Vulnerabilities but describes clearly the vulnerabilities in details with its thousands of plugins updated regularly, the tool also recommends solution with practical details of easy implementation.
The probe service can be quite resource-intensive. This can cause false-positive readings from some sensors sometimes.
The software gets updated very regularly. Whilst this is usually a good thing to fix bugs etc, it does meantime downtime of the monitoring quite often while they are installed.
The ability to create Maps from Libraries. Very specific issue but a lot of people have been asking for it for years and it is still not available.
Nessus is best and easy to use application for Vulnerabilities finding and reporting, it has multiple platforms and wide scope covering almost all devices for security improvement so far, thus we are very likely to continue its services.
The tool is very intuitive to use and it is Windows-based (everybody knows how to use Windows) so it's easy to get into. Every time is setup in a hierarchy so if you have a good initial hierarchy design, it will really reduce administrative effort down the road.
I am giving this a 6 simply because I have never had to contact support. The online documentation is adequate for most things, and the user-maintained knowledgebase is excellent. The few times I have run into issues that were not easily resolvable with intuitive UI, I was able to find the answers that I needed either in the PRTG-provided documentation, the knowledgebase, or with a quick online web search.
I haven't needed to contact support yet. But issues are easily solved with a quick internet search which means support and by extension, the larger community are involved and knowledgeable.
I have deployed and tested three products for evaluation I found [PRTG Network Monitor] very easy to deploy, the deployment literally took not more than one hour including basic configuration and network discovery. After deployment few configuration changes and creation of maps, reports and little tweaking is required. [Then] it would go through its process of recommendation that took some time to complete, while [on] other hand other software's took lot of time to install and configure. And features were also missing, which resulted in decision in favor of [PRTG Network Monitor].
Sometimes when we identify a vulnerability with Nessus that has an exploit, we made a proof of concept with Metasploit in order to show to the IT managers the importance of the software/hardware hardening.
The ability to analyze multiple pieces of information in one place, especially with historical data, has saved our IT department time and headaches. It would be so much more difficult to trace an issue without PRTG, just relying on event logs and an open task manager window.
The cost is not cheap, so it's an expense that hits the bottom line like everything else. Figure in hardware costs as well, ideally a server outside of your main environment.
I keep saying this, but the historical data piece is worth so much. There's really no good way to collect all of that information in one place without something like PRTG. And that definitely saves time and money in the long run.
Nessus certainly has a positive impact while me while performing my job, either as security research, or performing vulnerability assessments for clients. It gives a lot of information about the system/application after performing scans. The number of false positives is also less compared to other vulnerability scanners.
The professional edition is very useful as policy templates available in this edition are very handy and useful even to perform compliance scan like PCI DSS scan.
Also, the ability to export the scan results into reports in formats like HTML, PDF is very useful which could be for performing system/application reviews.
