The following are the options for deploying Barracuda Managed Vulnerability Security:
| Standard | Agent-Based | Hybrid | Small Sites |
Suitability | Suitable for most environments. | Suitable for environments such as where all users are remote. | Ideal for environments comprising both on-premises resources and remote users . | Suitable only for the smallest of sites with 100 or fewer IP addresses to scan. |
Security Console
| Required? Quantity | Required? Quantity | Required? Quantity | Required? Quantity |
✅1 (physical, virtual, AWS EC2, Azure Resources) | ✅1 (physical, virtual, AWS EC2, Azure Resources) | ✅1 (physical, virtual, AWS EC2, Azure Resources) | ✅1 (physical, virtual, AWS EC2, Azure Resources) | |
Security Engine
| Required? Quantity | Required? Quantity | Required? Quantity | Required? Quantity |
✅1 or more (physical, virtual, AWS EC2, Azure Resources) | ❌ | ✅1 or more (physical, virtual, AWS EC2, Azure Resources) | ❌ | |
Why potentially > 1 Scan Engine? | Why potentially > 1 Scan Engine? | |||
1 - Internal, 1- External, 1 per remote site, 1 - Cloud network | 1 - Internal, 1- External, 1 per remote site, 1 - Cloud network | |||
Software Agents | ❌ | ✅software agent installed on all IPs being scanned | ✅software agent installed on remote user systems | ❌ |
Internal and External Scans Possible? | ✅ | ❌ | ✅ | ❌ |
Notes | Each customer must have its own security console that they provision. One security console and a single scan engine are typically sufficient—unless the customer has multiple sites, resources in the cloud, and/or needs to scan public-facing assets like the external IP address(es) of a firewall or other edge device. | Each customer must have its own security console that they provision. Limited to systems on which the Rapid7 software agent can be installed. | Each customer must have its own security console that they provision. Combines the Standard and Agent-Based approaches. There is at least one scan engine for on-prem users but may include additional scan engines, for example, to scan public-facing assets. Because the organization has some number of remote users, the Rapid7 software agent is installed on those systems. | Each customer must have its own security console that they provision. Because scans are performed from the security console itself, scanning is limited. Should not be used:
|