Hi there,
I’m running openvas in a docker compose, but I’m thinking of testing the native installation.
What are your experiences and which installation is the most stable and reliable of all?
Is there a guide on how to migrate from docker-compose to a native installation?
Kind regards
No, there are no instructions for migrating between instances. You would be left with the task of migrating the data.
I prefer the Kali Linux native installation since I am less familiar with Docker and prefer bare-metal. If you are looking for long-term stability I would suggest the entry-level Enterprise appliances such as Greenbone Free or Greenbone Basic.
1 Like
That of course depends on what you expect from “stable”. If you want something that works reliable without many admin interventions over years and a clear upgrade paths between version changes, you need to look at our enterprise appliances.
1 Like
Btw. what do you mean by native installation?
I meant by “native installation” the installation on Linux without docker. So each service can be controlled by “systemctl”
Source build or Kali packages?
Short summary:
| Installation Type | Notes |
|---|---|
| Container Images | Directly build from the git source repositories. Easy to use and to maintain. Gets newest changes immediately after a software component release. But newest changes may break something. Fixes come very fast but may take some days. |
| Source Build | Gets updates less often. Less likely to break (at least when using Debian as a base). Difficult to use and to maintain without more background knowledge. |
| Kali | Greenbone is not involved! Updates less often. Has more often issues with other dependencies like PostgeSQL. You need to contact Kali developers to get something fixed. |
| Greenbone TRIAL/Free | Ready to use VM. Easiest to use free version, but gets no updates. You need to setup a new VM to get an update. |
| Greenbone Enterprise | VM or Hardware. Most stable. Gets well tested before a new release. Updated paths are ensured and tested. Easiest to setup and to maintain. And of course you get the full enterprise feed. |
Thank you.
Does any of the installation methods have a Rest-API?
I have heard that a REST API will be implemented in the CE Edition, but so far I have not found more information anywhere.
The vulnerability management has no REST API (yet). Our interface is XML based and called GMP. Newer scanner versions have a REST API but it might not be available on all installation methods.