Visio Connector for MBSA

Microsoft secures customer networks with Visio tool by Visimation

Visimation develops Visio software and content for Microsoft. One example is the Visio Connector for Microsoft Baseline Security Analyzer (MBSA), which supports the identification of security vulnerabilities and defense deployment through network diagramming. The solution, created by Visimation, assists Network Technicians in completing this mission critical activity quickly and with ease.

The MBSA is a separate non-Visio tool that scans devices over a network for security vulnerabilities via a command line interface. Network Technicians often need to reference location and connectivity data, such as those shown in network diagrams, to perform these scans as well as other critical operational tasks. The Visio Connector for MBSA provides a way to run the MBSA tool directly from within Visio network diagrams so Network Technicians can easily see the physical and logical configurations of the network as they perform their MBSA scans.

Visio Connector for MBSA: Portion of network view on top showing Data Graphics; MBSA scan report on bottom showing system vulnerabilities.
The Visio Connector for MBSA is a Visio add-in that extends the functionality of network diagrams created in Visio. Once a network diagram has been created and shape data is properly configured (Network Name or IP Address), the Visio Connector for MBSA displays a smart tag when the mouse hovers over a computer shape. This enables execution of MBSA scans directly from the diagram. Alternatively, one can import existing MBSA scan results using the MBSA menu. The Visio Connector for MBSA displays color-coded results on the diagram that represents the baseline security status of the network. Detailed baseline security reports can be displayed in a report window by selecting an individual computer shape.

The greatest technical challenge from the user’s perspective is how to combine the operation of the MBSA tool with the reference diagrams of the network. Using Visio automation, Visimation enables the launch and monitoring of the MBSA scans directly through the Visio interface. Visio’s robust object model enables automation through Visual Studio .NET, allowing Visimation to successfully integrate MBSA into Visio’s user interface, including custom menus, windows, and SmartTags.

The solution is implemented as a COM Add-in to Visio that is installed on top of a regular Visio license. Since the MBSA tool and the Visio Connector for MBSA are free downloads from Microsoft, the only investment required is a license of Visio Standard or Professional for each MBSA user. The solution may run from any network connected desktop with permissions to run MBSA scans. It may be installed and run immediately through Visio network diagrams that contain the proper network identification data for the devices to be scanned. With low deployment cost and high value of information generated, the time-to-value is virtually immediate.

The operation of the Visio Connector for MBSA is very simple and straightforward for Network Technicians, most of whom are familiar with Visio as the de-facto standard for network diagramming. A simple Help document is provided, and no special training is required.

Overall network view after MBSA scan
