Description

Download Symantec NetRecon 3.6 Release Notes (PDF)

This product upgrade can only be obtained from your Symantec Reseller or account manager. Customers with current maintenance as of November 15, 2002 can request the upgrade if they have not already received it.

The Symantec NetRecon 3.6 theme is Security Update rollup and customer enhancements.

Symantec NetRecon 3.6 is a point release for Symantec's network-based vulnerability scanner. This upgrade is available immediately worldwide.

Features and enhancements include:

• All Security Updates since version 3.5 (SU1 - SU10)
• Significant speed enhancements
• Granular objective control
• 296 CVE mappings
• New Command-Line Interface options
• Windows XP support
• 143 new Web server checks
• Symantec product integration

Enhancement Overview

• Speed enhancements
  
  Before Symantec NetRecon version 3.5, SU8, when running a Symantec NetRecon scan, the engine would take 100 percent of the computer's CPU resources. In tests on computers meeting only the minimum hardware requirements for Symantec NetRecon, after installing version 3.6, Symantec NetRecon used less than 5 percent of the CPU resources.
  
  The modifications affecting CPU usage have also improved Symantec NetRecon's run time. In tests, average run time was reduced 40 to 60 percent.
  
  
• Granular objective control
  
  Security Update 9 introduced granular objectives let the user run certain commonly-used objectives individually, rather than as part of a full scan. This provides users with the versatility to select specific objectives from a predefined list. Because Symantec NetRecon runs only the necessary scans to obtain information about the selected objectives, users quickly have the needed information without running a full scan.
  
  All objectives that were previously contained in the miscellaneous category, as well as certain objectives from the light, medium, and heavy scans, are part of the list of granular objectives. Those objectives from the light, medium, and heavy scans are still part of the full scans, and they run when a full scan is selected. Granular objectives cannot be run simultaneously with full scans or other granular objectives.
  
  
• CVE mappings
  
  Security Update 8 - 10 introduced support for 296 CVE mappings. Internet links to relative CVE descriptions are included in the additional information section of each vulnerability.
  
  
• New Command-Line Interface options
  
  Security Update 10 introduced several new Command-Line Interface (CLI) options to let users create reports in HTML format. Users can choose the format of the report and determine the report's content using options that select vulnerability, computer name, vulnerability risk by number, vulnerability risk by color, and other parameters.
  
  
• Windows XP Support
  
  Security Update 7 introduced support for running Symantec NetRecon on Windows XP. Now Windows NT, 2000 and XP are all supported host platforms by Symantec NetRecon.
  
  
• 143 new Web server checks
  
  Security Update 3 introduced 143 new Web server vulnerability checks such as vulnerable CGI script files, Cold Fusion files, and Active Server Page files. Each of these checks was previously located only in the Symantec ESM for WebServers 1.0 product.
  
  
• Symantec product integration
  
  Security Update 4 improved NetRecon's integration with Symantec Enterprise Security Manager 5.5.
  
  Security Update 4 and 7 introduced support for Norton AntiVirus Corporate Edition.
  
  Security Update 10 introduced support for Symantec PCAnywhere.