Security scanner

ABOUT

RedCheck is a comprehensive solution for security audits of a company's IT infrastructure (a security scanner).

RedCheck is currently the flagship product of "ALTEX-SOFT". We combined all the knowledge and experience of our specialists and foreign colleagues working on the SCAP project. Creating this security scanner took more than a year, which by today's standards is a fairly short period for such a serious project. This was possible thanks to our exclusive technologies, developed through thousands of installations and deployments of «Check» products, and to our extensive experience in security content development, stored in our OVALdb repository.

RedCheck is a simple and convenient solution for security analysis and information security management in organizations of any size. It finds and helps prevent vulnerabilities caused by code errors, incorrect settings, security settings, weak password protection, unauthorized software and hardware installations, delays in installing critical updates, and violations of security policies.

RedCheck can improve the efficiency of security services and IT-departments, reduce the cost of security management and ensure continuous security monitoring of your corporate network.

The system is constantly being improved with daily vulnerabilities database updates and regular releases of new products and platforms. Our database contains descriptions of more than 50 000 different vulnerabilities and related security content.

Key Features

  • Vulnerabilities and critical security updates search (based on the OVAL-written content) for main software platforms: Microsoft, Red Hat, ROSA, Debian, Ubuntu, ORACLE, SUSE, Cisco and others.
  • Compliance checks against policies recommended by software developers and expert organizations.
  • Compliance checks against policies and standards including CIS, PCI DSS, STO BR, ISO/IEC 17799, ISO/IEC 27002.
  • Detailed software, hardware and software network critical analysis.
  • File-level system integrity check using embedded certified data protection.
  • Network Scanner.
  • Password brute force.
  • Detailed reports for each area of audit.

Main advantages

  • Allows you to quickly identify security vulnerabilities, delays in installing critical updates, unauthorized changes to security settings, installations of prohibited programs, and changes in hardware composition.
  • Intuitive interface that does not require advanced technical skills to install and use.
  • Task Scheduler makes it convenient to use RedCheck for daily security monitoring.
  • Quick and easy to deploy for one-time audit procedures, because the console and scanning services are combined on a single computer (or server).
  • Does not require high hardware specs and can be installed on any server or personal computer with a Microsoft operating system.
  • Can be integrated into Active Directory (which provides a convenient and flexible start-up process and control).
  • Provides continuous security monitoring of the corporate network from a single workstation.
  • An effective combination of agent-based and agentless network scanning significantly reduces scanning time and provides the required security level.
  • Ability to consolidate scan results in distributed networks.

Transparency of audit results

  • Each system scan generates integral and differential reports. Differential reporting lets you control changes in hardware and software configurations.
  • The built-in multifunctional OVAL and XCCDF interpreter allows meeting top compliance requirements and using unified SCAP content from different vendors such as Microsoft, Red Hat, McAfee, eEye etc.
  • Open-source security content description (of vulnerabilities, updates and configurations) allows you to analyze results of monitoring thoroughly.
  • High reliability of scan results is ensured by international OVAL community content verification.
  • Ability to load specific content from "ALTEX-SOFT" SCAP repository and other sources.

Business environment optimization

  • Personnel responsible for information security no longer need to be highly qualified.
  • Ability to use the best and most effective security practices.
  • Saves network resources thanks to RedCheck's low hardware requirements, reduces network traffic and distributes host utilization evenly when scanning with agent technology.
  • Suitable for use on isolated networks without access to public networks (Internet). RedCheck can also be updated offline.
CAPABILITIES

Main

RedCheck is a professional security scanner solution that combines network and system verification protocols. Its functionality is enhanced with compliance monitoring, database and web-server security evaluation, integrity control and much more. That is why RedCheck is a very effective tool against vulnerabilities.

RedCheck makes security system snapshots and allows qualified personnel to detect errors in system administration and to check if everything meets the most current security policies.

Vulnerability Scan

RedCheck performs central and/or local host scanning, searching for OS and software vulnerabilities. Agent-based or agentless audits can easily be set to manual or automatic mode. The scan process itself is based on comparing system parameters with a SCAP-written vulnerability list located in the open OVALdb repository. This RedCheck database contains vulnerability descriptions for a large number of OS platforms and applications such as:

  • All server and client Microsoft OS starting with Windows XP / Server 2003
  • Red Hat, CentOS, Debian, Ubuntu, ROSA server and client OS
  • Microsoft, Adobe, OpenOffice office suites for Linux-based platforms
  • Microsoft SQL 2008/2008R2/2012 databases, Oracle database for Linux / Windows, Oracle MySQL
  • Internet Explorer, Opera, Google Chrome browsers
  • frameworks, virtualization tools, programming languages etc.

The list of vulnerabilities is updated daily and regularly extended with new platforms and products. RedCheck updates automatically each time you start the program.

The scan results stored in "History" can be presented as general or differential reports. Differential reporting helps you control the effectiveness of security protocols and easily keep track of newly emerging vulnerabilities.

Updates search

Every time a bug in software is detected, developers try to fix their code and release an update as soon as possible. It is very important for system administrators to install these updates promptly to eliminate potential threats. RedCheck quickly and accurately indicates missing system updates. Its scan report also gives you secured links where you can download the required updates. Its database contains all the information about server and client operating system updates for Microsoft and popular Linux platforms, as well as for a large number of applications.

Security policies compliance

The simplest way to hack an organization is to find computers that contain software installed with default settings. Typically, these configurations provide maximum functionality but do not guarantee safety. The a priori assumption is that security is under the control of a system administrator or a user. Unfortunately, the "human factor", or rather the lack of proper qualification of system administrators, is the main threat to security. It is also important to mention that security settings should be reasonable and balanced, and should not interfere with company goals.

Developers usually suggest certain security settings to users or offer to follow authoritative policies. Such suggestions are written in security guidelines and configuration files. It is the responsibility of a system administrator to adopt these settings and to monitor their integrity.

RedCheck automates this control process and assesses the conformity of the system and its parts. In turn, users can create their own configurations and add them to a scan schedule.

RedCheck includes a number of preset configurations (policies), based on the international standards and recommendations, such as: MSCM, PCI DSS, FDCC, USGCB and others.

Database Security

RedCheck is an effective database safety management tool. Besides vulnerability and critical updates search, RedCheck provides precise inspection of stored procedures and security settings of popular Microsoft SQL Server, Oracle Database, MySQL databases including ones related to:

  • network databases
  • authentication systems
  • access control mechanisms
  • user rights and privileges
Network Inventory

RedCheck gives you information about everything related to security: operating system, installed software, service packs and hotfixes, running processes, shared folders, hardware and much more. Detailed reporting allows you to track even the smallest software and hardware changes, scanning your network without installing it on every computer.

Integrity Monitoring

The integrity of executable files, libraries and other files is captured and monitored using a certified cryptographic library, which is part of the scanner.

RedCheck can also lock system start-up if integrity violations in executable files or libraries are detected, which makes it extremely useful on systems with high security requirements (military, banking systems, governmental networks). And no other tools are needed!

Network Scanner

Support for the Nmap utility improves network audits by providing information such as the number of hosts available, open ports, running applications (application name and version), types and versions of operating systems, firewall’s running data packets, etc. These features allow RedCheck to be used not only for security purposes, but also for other tasks, such as controlling the network structure, scheduling management apps startup, host or service supervision etc.

Passwords Picker

With RedCheck, security administrators can check password strength and possible weaknesses in OS and database authentication mechanisms. Our solution can pick passwords “from a dictionary”, which is useful for auditing database authentication. This functionality is available for Microsoft SQL Server, PostgreSQL and Oracle SQL.

Scan Results

Scan results can be saved in "History" or in PDF (or any other Adobe Acrobat supported) format. They can also be presented in a simplified or a differential version, which makes it easy to keep track of any changes, from newly occurring vulnerabilities to unauthorized software or hardware installation. To quickly find the events you need, RedCheck offers a filtered search that can sort by date, time, scan type, status, name or number of the host.

Server Security

Application servers are the basis for many corporate solutions, and the functioning of websites and corporate IT services depends on their security: web servers, mail servers and their components, mobile services, remote desktops, print servers, CRM and ERP systems, interpreters and frameworks, and many more. RedCheck is an effective tool for server security configuration monitoring and application security analysis, with an additional RedCheck Audit security pack for application servers (licensed separately). When you purchase this license, RedCheck offers configuration scans for the following web servers and their components (platforms):

  • Apache HTTP Server
  • nginx
  • IIS
  • .NET Framework
  • Apache Tomcat

These configurations identify potentially unsafe security settings of both the OS and application server. The module works with servers running under Linux and Windows systems.

SCENARIOS OF APPLYING

Internal and external information security audit

Audit goals:

  • risk analysis
  • evaluation of a current security level
  • finding vulnerabilities
  • checking if a particular IT infrastructure meets current information security requirements
  • generating recommendations

RedCheck allows you to meet all these goals without spending a fortune on outsourced experts and expensive resources.

Methods and the corresponding tasks:

  • Searching for vulnerabilities: Vulnerability Audit
  • System configuration analysis, including compliance assessment: Configuration and Database Audit
  • Resources inventory: Inventory
  • Controlling the integrity of configuration and data files: Capturing
  • Regular intrusion test: Not fully featured in RedCheck, but some features can be used for such a test
  • Complex approach: Combining different task types and analyzing the results

Security level monitoring

Security is one of the key conditions that make an information system effective (along with reliability and performance), and control over this parameter must be continuous and reliable. Relying on IT staff alone is far from the best approach, and RedCheck can become an irreplaceable administrative tool in ensuring the security of your computer or corporate network.

Tasks and methods:
Blocked hardware and software identification
  • Perform scheduled scans
  • Turning on the "Control" feature while performing the “Inventory” scan
Control over safe OS and app configurations
  • Performing "Configuration audit" task
  • Turning on the "Control" feature while performing the “Inventory” scan
Finding and fixing vulnerabilities
  • Performing “Vulnerability audit” task
  • Fixing vulnerabilities according to certain protocols
  • Re-scanning and creating integral and differential reports
Keeping your system up-to-date
  • Completing "Updates audit" task on schedule
  • Turning on the "Control" feature while performing the “Inventory” scan (as needed)
Port control
  • Performing "Port scanning" task. Creating reports
Responding to incidents
  • Creating reports on all types of tasks

International, national and industry standards compliance

Compliance assessment is usually made by regulatory authorities who have the right to implement appropriate supervisory measures. RedCheck’s security configurations make it possible to follow the highest requirements and monitor their compliance at all levels.

The basic RedCheck package includes configurations for compliance with national and international standards, such as PCI DSS, USGCB, GIS.

Detail of checks for compliance with PCI DSS

Requirement

Description

Interpretation of requirements in RedCheck

Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

2.1 Always change vendor-supplied defaults before installing a system on the network, including but not limited to passwords, simple network management protocol (SNMP) community strings, and elimination of unnecessary accounts.

For wireless environments connected to the cardholder data environment or transmitting cardholder data, change wireless vendor defaults, including but not limited to default wireless encryption keys, passwords, and SNMP community strings.

Many users install these devices without management approval and do not change default settings or configure security settings. If wireless networks are not implemented with sufficient security configurations (including changing default settings), wireless sniffers can eavesdrop on the traffic, easily capture data and passwords, and easily enter and attack your network. In addition, the key exchange protocol for the older version of 802.11x encryption (WEP) has been broken and can render the encryption useless. Verify that firmware for devices are updated to support more secure protocols (for example, WPA2).

2.2 Develop configuration standards for all system components. Assure that these standards address all known security vulnerabilities and are consistent with industry-accepted system hardening standards.

Implement only one primary function per server to prevent functions that require different security levels from co-existing on the same server. (For example, web servers, database servers, and DNS should be implemented on separate servers.)

2.2.1 The "one server - one primary function" rule

Check of installed roles on Windows Server

Enable only necessary and secure services, protocols, daemons, etc., as required for the function of the system.

2.2.2 Disabling insecure and unnecessary services, ports and protocols

HTTP port check
IMAP port check
LDAP port check
NNTP port check
POP3 port check
RDP port check
SMTP port check
Telnet port check

Configure system security parameters to prevent misuse.

Security configuration compliance audit

Set the GPO configuration to one of the best-practice configurations from the recommended list: NIST, ISO, SANS, CIS.

Network security: LAN Manager authentication level
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers
Enable safe DLL search mode
Network security: Force logoff when logon hours expire
Network security: Do not store LAN Manager hash value on next password change

Remove all unnecessary functionality, such as scripts, drivers, features, subsystems, file systems, and unnecessary web servers

2.2.4 Removing unused functionality

Turn off Autoplay
Solicited Remote Assistance
Turn off the "Publish to Web" task for files and folders
Turn off Internet download for Web publishing and online ordering wizards
Offer Remote Assistance

2.3. Encrypt all non-console administrative access using strong cryptography. Use technologies such as SSH, VPN, or SSL/TLS for web-based management and other non-console administrative access

If remote administration is not done with secure authentication and encrypted communications, sensitive administrative or operational level information (like administrator’s passwords) can be revealed to an eavesdropper. A malicious individual could use this information to access the network, become administrator, and steal data

Use of cryptographic mechanisms for remote administrative access

Allow unencrypted traffic (Client)
Allow unencrypted traffic (Service)
Set client connection encryption level
Domain member: Digitally encrypt or sign secure channel data (always)
Domain member: Digitally sign secure channel data (when possible)

PCI DSS 2.0 information security standard configuration

Select a configuration: Configuration Manager
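
The port checks listed for requirement 2.2.2, combined with the one-function-per-server rule of 2.2.1, can be reproduced on a Linux host as in the following added example, which is not RedCheck code or ALTEX-SOFT content. It assumes input in the format printed by `ss -tlnH`; the role-to-service mapping and the sample output are constructed for illustration.

```python
"""Audit listening TCP sockets against the eight services named in the
PCI DSS 2.2.2 checks above. Added example, not RedCheck code."""
import ipaddress

# Well-known TCP ports of the services listed in the 2.2.2 checks.
CHECKED_SERVICES = {
    80: "HTTP", 143: "IMAP", 389: "LDAP", 119: "NNTP",
    110: "POP3", 3389: "RDP", 25: "SMTP", 23: "Telnet",
}

# Assumption for this example: services each server role legitimately
# needs (2.2.1, one primary function per server).
ROLE_ALLOWED = {
    "web": {"HTTP"},
    "mail": {"SMTP", "IMAP", "POP3"},
    "directory": {"LDAP"},
}

# Constructed sample of `ss -tlnH` output (not from a real host).
SAMPLE_SS = """\
LISTEN 0      511          0.0.0.0:80         0.0.0.0:*
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      100        127.0.0.1:25         0.0.0.0:*
LISTEN 0      5               [::]:23            [::]:*
LISTEN 0      128                *:3389             *:*
"""


def parse_listeners(ss_output):
    """Yield (address, port) for each LISTEN line of `ss -tlnH` output."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        # The local address is the 4th column; IPv6 is bracketed: [::]:23
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit():
            yield addr.strip("[]"), int(port)


def is_loopback(addr):
    """True when the socket is bound to a loopback address only."""
    addr = addr.split("%")[0]  # drop an interface scope such as %eth0
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # "*" (all interfaces): treat as network-reachable


def audit(ss_output, role):
    """Return sorted (severity, service, port, address) findings.

    A checked service that the role does not need is "fail" when it is
    reachable from the network and "info" when bound to loopback only.
    """
    allowed = ROLE_ALLOWED.get(role, set())
    findings = []
    for addr, port in parse_listeners(ss_output):
        service = CHECKED_SERVICES.get(port)
        if service is None or service in allowed:
            continue
        severity = "info" if is_loopback(addr) else "fail"
        findings.append((severity, service, port, addr))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(SAMPLE_SS, "web"):
        print(*finding)
```

For a host with the `web` role, the sample reports Telnet and RDP as failures and the loopback-only SMTP listener as informational; a host with no recognized role has every checked service reported.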

Assessment tool for information security management system

RedCheck is an assessment tool for information security management system (ISO / IEC 27001)

RedCheck is a useful tool for implementing the control objectives and controls of the ISO / IEC 27000 standard series. The following table presents the main list of controls covered by using RedCheck. In fact, the list of RedCheck applications in the context of ISO / IEC 27000 compliance is much wider.

ID

Name of control objective or control

RedCheck function/task

How to achieve compliance

A.6.2

Mobile devices and teleworking

Control of «Inventory» task

  • Create an «Inventory» task with no mobile devices connected.
  • Enable control for the created task.
  • Monitor mobile device connections in real time using e-mail notifications.

A.8.1.1

Inventory of assets

«Inventory» task

  • Create an «Inventory» task.
  • Create reports from the task results.

A.9.1.2

Access to networks and network services

«Port scan» task

  • Create a «Port scan» task.
  • Resolve the recorded problems with unregistered use of network services.

A.9.4.3

Password management system

«Password bruteforce» task

  • Create a «Password bruteforce» task.
  • Resolve the recorded password complexity problems.

A.12.2

Protection from malware

Compliance audit

  • Create a «Compliance audit» task using the «Anti-malware» configuration.
  • Resolve the recorded security problems.

A.12.5

Control of operational software

Control of «Fixation» task

  • Create a «Fixation» task in a reference environment.
  • Enable control for the created task.
  • Monitor integrity in real time using e-mail notifications.

A.12.6

Technical vulnerability management

Vulnerabilities audit

  • Create a «Vulnerabilities audit» task.
  • Create reports from the task results.
  • Analyze the report data. Get information about how to troubleshoot vulnerabilities.

Architecture

RedCheck includes:

  • Management console and scanning service RedCheck SVR
  • A database to store security information
  • RedCheck agent to scan the Microsoft Windows operating system and its applications. The agent is usually used to increase scanning speed over low-capacity channels. There is also no need to have administrative rights on all the computers in your network!

It is a 3-tier application:

Level 1

OVALdb repository (located on a trusted part of the ALTEX-SOFT website), containing security content and Web-based services that allow you to synchronize the local RedCheck database with OVALdb. It is also responsible for registration and license checks. Important! No information on your scan results is transferred to ALTEX-SOFT.

Level 2

The Management Console and the RedCheck SVR Service Scanner are deployed on a client's server (Fig. 1) or a security administrator’s machine (Fig. 2). This level also contains a database with private scan content. The database is managed by Microsoft SQL Server 2008 and later versions.

Fig. 1 RedCheck installation on your organization’s security server
Fig. 2 RedCheck installation on a security administrator's computer

Level 3

This level is represented by scanned computers and servers with the RedCheck agent service installed. There is an option to scan your network with agentless technology (no installation needed); just set up access to the target host. It will be a fully functional scan, but Windows integrity won’t be captured in this case. The agent is usually used to increase scanning speed over low-capacity channels. There is also no need to have administrative rights on all the computers in your network.

There is a Structured System Analysis and Design (SSAD IS) method that is used to work in distributed branch structures.

SSAD IS consists of the following components:

  • RedCheck Operations Management (ROM) - a Windows Server application, designed to collect scan results.
  • An application that provides consolidated, analytical and statistical information about scanning objects (Prognoz Platform 8 supported). It can be integrated with other BI systems, like QlikView.

Features:

  • The whole architecture is located on the head server or computer and doesn’t require any additional installations or special settings on lower-level computers, just regular RedCheck software.
  • ROM management is based on IIS web servers and is also available over the Internet / Intranet.
  • SSAD IS can be integrated into any modern business analytics tool used by a client.
System Requirements

RedCheck can be installed on any computer with Microsoft Windows operating system.

Minimum system requirements:

Component          1 to 100 Computers    100 to 500 Computers
Processor          1,6 GHz Dual Core     2,6 GHz Dual Core
Physical storage   5 GB                  45 GB
RAM                2 GB                  4 GB

Operating system:

Microsoft Windows Vista/7/8/8.1/10,
Microsoft Windows Server 2008/2008R2/2012/2012R2.

Additional software:

  • SQL Server 2008 and above (Express edition, Standard, Enterprise).
  • Microsoft .NET Framework full version 4.0 or higher.

Note! For an agentless scan there is no need to install any additional software.

RedCheck software is installed on one server (can be virtual) and is licensed by the number of scanned IP addresses. We offer licenses for 1, 2 or 3 years. Any license can be renewed. A valid license provides tech support, up-to-date security content access and critical updates.

RedCheck Audit security pack licensing

RedCheck Audit security pack for application servers is licensed by the number of IP addresses, for which this type of audit will be performed, restricted to 2 (two) DNS servers on one IP address. If there are more than 2 DNS servers on 1 IP address, additional licenses should be purchased as follows: 1 IP address license = 2 DNS names, even if there will be only one physical IP address scanned.

Sold only in addition to the main RedCheck license. Can be purchased either at the same time as the main RedCheck license or as an additional purchase during the term of the RedCheck license.

Licenses (equal to the number of IP addresses) are sent electronically within 1 - 3 business days after the payment is received.

DOWNLOAD REDCHECK FOR FREE

Before you purchase RedCheck you can test it by downloading a demo version for free.

The demo version is identical to the full version, but is limited in the number of simultaneously scanned IP addresses (not more than 5). The trial period is 3 months. During this period you can use RedCheck for your corporate purposes, but the License Agreement prohibits transferring the demo to third parties and using it for commercial purposes.

If you have questions on the use of the demo version, please contact us at support@altx-soft.ru

Thank you. We will be grateful for any customer comments and suggestions.

In order to test the RedCheck scanner we ask you to fill out a short form. After this you will receive a link to download the distribution and the program activation key.