• Nexpose
  • Overview
  • Features
  • Architecture & Open API
  • Try NeXpose
  • Buy NeXpose
  • System Requirements
  • Vulnerabilities Tested
  • NeXpose Information
• Solutions
  • Web Application VA
  • Database VA
  • Network & OS VA
  • Compliance Scanning
• Services
  • PCI Compliance Testing
  • Penetration Testing
  • Web Application Security Audits
  • Best Practices Consulting
  • Social Engineering
  • CISSP Seminar
  • NeXpose Training
• Support
  • NeXpose FAQ
  • System Requirements
  • Support Form
  • Vulnerabilities Tested
  • Customer Center Login
• Security Center
  • Advisories
  • Vulnerabilities Tested
  • Compliance
  • White Papers & Articles
  • SSHredder Test Suite
• Company
  • Management
  • Customers
  • Partners
  • Press Room
  • Events
  • Contact
  • Careers
• Customers

• NeXpose FAQ
• System Requirements
• Support Form
• Vulnerabilities Tested
• Customer Center Login

Of further interest:

• Rapid7 Service Level Agreement
• Rapid7 RFP Template
• NeXpose Consulting
• NeXpose Training
• NeXpose Technical Support
  • (857) 288-7400
  • (866) 390-8113 (toll free)
  • Email Rapid7 Support

NeXpose Frequently Asked Questions

General

• What is NeXpose?
• What is vulnerability management?
• What is vulnerability assessment?
• How long has Rapid7 and NeXpose been serving the vulnerability management market?
• Is NeXpose a software solution or an appliance?
• My company already uses firewalls and IDS (intrusion detection systems). Why do I need vulnerability management?
• Is NeXpose host-based or agent-based?
• What process is used to keep vulnerability signatures up-to-date?
• How often are signatures updated?
• Is your product CVE compatible?
• In what way will your product assist with compliance to ISO 17799, HIPAA, SOX, and GLBA? Explain.
• Can NeXpose be used to ensure compliance with the PCI Standard?
• Describe how your system can be deployed or used to allow consultants to run scans of customer’s internal networks.
• Describe how your solution can be integrated with another system to allow the other system to automatically cause a scan to run.
• Describe how your solution accounts for devices that use DHCP addresses?

Evaluation

• Is it possible to evaluate NeXpose?
• How do I get an evaluation license for NeXpose extended?
• How do I contact Rapid7 Technical Support?

Pre-Deployment

• What are the minimum system requirements for running NeXpose?
• What operating systems does NeXpose run on?
• Does NeXpose run on VMWare?
• I want to evaluate or have already purchased NeXpose. How do I request a copy of the software?
• When I click on my download link, I receive the error: "Invalid Download Request". Why?
• How do I install on Windows?
• How much bandwidth does NeXpose use?
• How long does a scan take?
• How does NeXpose ensure efficient bandwidth utilization?

Installation

• What ports must be open in my firewalls for NeXpose to function?
• How do I get NeXpose to start automatically on Windows?
• All I see is a DOS prompt. How do I log in?
• How can I check to see if my NeXpose license is valid?
• How do I request a new license?
• How do I confirm a new license?
• Can I use NeXpose if I have an IDS/IPS?
• Can I use NeXpose if I have a firewall?
• How do I change the default session timeout of the Web User Interface?
• How do I initiate a manual update? How do I know if NeXpose is updating?

Scanning

• What types of devices does NeXpose analyze during a scan?
• Will NeXpose scan external devices?
• How many different types of vulnerabilities does NeXpose detect?
• How can NeXpose detect Denial of Service (DoS) vulnerabilities without bringing the network host down?
• How does NeXpose handle false positives and false negatives?
• What types of pre-defined scan templates are included with NeXpose?
• Does NeXpose require credentials to scan a target network?
• Where can I add credentials to a scan?
• How do I log in with credentials?
• Can NeXpose scan across XP's personal firewall?
• How do I set up an "asset discovery" scan?
• Where are / How do I edit my default policy files?

Reporting

• How do I add my logo to reports?
• How do I use the database export feature?
• What types of vulnerability reports are available?
• Describe what type of trending and differential reporting is available.
• Does your solution provide customers the ability to re-define information on vulnerabilities like severities, recommendations, etc.?
• Describe what level of workflow or ticketing functionality is included.
• Can a rating be assigned to a device in order to indicate how critical that device is to the business?
• Can customers produce new vulnerability tests in NeXpose?
• Can users receive email alerts of security audit results?
• What report file formats can NeXpose generate?
• How is severity rated?
• How does critical / severe / moderate map to CVSS?
• What do the different severity levels in the vulnerability assessment results mean?

Troubleshooting

• Where can I get the NeXpose Administration Guide?
• How do I reset the default user/password created during the install?
• How do I send NeXpose logs to Rapid7 support?
• What if email is not enabled on the NeXpose server and I can't send Rapid7 support scan logs?
• How do I see the command console while using Linux?
• How do I see the command console while using Terminal Services?

Copyright © 2001 - 2008, Rapid7, LLC. All Rights Reserved.

• Home
• |
• Nexpose
• |
• Solutions
• |
• Services
• |
• Support
• |
• Security Center
• |
• Company
• |
• Contact