May 01, 2012

I mentioned the need to perform a routine vulnerability scan of your network and firewall in my 5 Step Data Security Plan for Small Businesses article. You should scan your network and firewall on a quarterly or biannual basis to check for any vulnerabilities, ensure you have the latest security patches, and fix any issues. Here is a list of several network vulnerability scanning tools you should consider using in-house or, if you use a network vendor, bringing to their attention.

OpenVAS – On the upside, OpenVAS is free, and it is a very thorough tool. On the downside, support is limited to the community or non-US-based professional services companies. OpenVAS also runs on Unix, so you will need to take that requirement into consideration.

GFI LanGuard – This is a reasonably priced Windows-based tool, and it is supposed to be one of the more user-friendly tools available.

nCircle PureCloud – They offer a cloud-based network scanning service, so you are not required to install any software or hardware. They offer a scan summary and basic report for free, and you can purchase a fully detailed report. This is probably the best option for the less tech-savvy small business.

Nexpose Express – Another widely used tool with a good reputation.  It is one of the more expensive tools available, but they also have a free version, Nexpose Community, for small users. 

Nessus – Nessus used to be a free product, although it no longer is, and it is a widely used and comprehensive tool. I have used Nessus before, and I can highly recommend it.

There are many other vulnerability scanning tools available, but this list covers a wide range of tools, from free, to low-priced, to easy to use, to best in class, and you will be able to find the vulnerability scanning tool that is right for your small business needs. As always, if you have questions, please feel free to list them in the comments below.