What is the Site Security Scanner?
An easy-to-use, free tool that enables MSPs to provide real-time security scans for prospective customers and customers. It was developed as a result of feedback from partners and addresses a real need in the SMB cybersecurity environment.
What does it do?
Scans a site, including all connected devices, site accounts, and domain policies to check for vulnerabilities and reports on what security risks exist.
What does the Barracuda Site Security Scanner test?
The Barracuda Site Security Scanner assesses assets based on tests in the following categories:
- Antivirus Security
- Patch Security
- User Security
- Network Security
In addition, the Barracuda Site Security Scanner also tests if the following are open:
- Commonly abused ports
- Other ports
How do I use the Site Security Scanner?
The Site Security scanner can be downloaded from Barracuda Campus . Once the tool is installed, valid Barracuda Cloud Control credential is required to activate the tool.
Having trouble accessing Site Security Scanner?
If you have trouble accessing Site Security Scanner, the issue may be that you are not using the necessary credentials. To log in, you must use the email address associated with your Barracuda Cloud Control account. Users of products like Barracuda RMM may be used to using a username, but in this case, your Barracuda Cloud Control email is required. Click this link for help setting up Barracuda Cloud Control credentials.
Will the Site Security Scanner automatically resolve issues?
No, results will be displayed, and a report can be generated to list potential issues found by the scanner.
Is it possible to disable portions of the scan?
No, all tests will be executed and reported on. Tests can only be disabled as part of Site Security Schema in Barracuda RMM.
What is an asset?
Assets are:
- devices
- domain/local user accounts
- group policies
What is an impacted asset?
An impacted asset is a device, domain/local user account, or group policy that has failed a test.
What is an unassessed test?
A test is marked as unassessed when the test could not be performed. The main reasons that a test cannot be performed are:
- the data for the test could not be collected (due to an error), or
- the test does not apply (For example, the test that ensures a 3rd party firewall is enabled, but no 3rd party firewall is installed).
For more information on unassessed tests, see What To Do About Unknown Devices and Unassessed Assets
What is an unknown device?
For more information on unknown devices, see What To Do About Unknown Devices and Unassessed Assets
What do the numbers on the category cards mean?
For information on understanding the numbers on the cards, see How to Read your Security Score - Category Cards.
What is a report?
The report you can generate with the Barracuda Site Security Scanner is a PDF of the results of your security scan. This is the method you can use to share the results of a scan with your customer. You have the option to customize the PDF with the name and logo of your customer and the name and logo of your company. For more information, see How to Generate a PDF Report of a Security Scan.
Can I download a copy of the reports to send to my clients?
Yes, Reports can be exported to a PDF and customized with your company logo. For more information, see How to Generate a PDF Report of a Security Scan .
How long do I have the Barracuda Site Security Scanner for?
After 30 days, you can no longer use the Barracuda Site Security Scanner. If you want to use the Barracuda Site Security Scanner again, do the following:
- Uninstall the current version of the Barracuda Site Security Scanner.
- Download a new version of the scanner.
- Install the new version.
The number of days left in your current usage period is displayed in the bottom left corner of the Barracuda Site Security Scanner window.