Hey folks... long time no post!  I have a couple of things I was hoping folks here could help me with.

First, I've been tasked with creating a business case for regular, full scale internal network vulnerability assessments (utilizing nessus, or something of the like).  Can you point me to your favorite or best write-ups supporting such a business case.

Second, if you've been involved in such a project, how did you scope your hardware?  I'm guessing I'm going to have to put some sort of money (hardware/software) requirements in to my proposal.  What I'm looking for here is; I have a network with x number of hosts, and I want to scan them all in a certain timeframe (say 8 hours), how many actual scanners would one need to complete the task?  I know there can be a lot of factors involved in that, but a general idea of how one would go about sizing that up would be appreciated.

Thanks!

Yeah, I know it's ridiculous this day in age to a) not be doing such a thing and b) having to justify it.  But, at least I've gotten it to a point where the powers that be are at least willing to listen to reason, but I have to justify this really well.  Hoping the feedback from here helps...

We do this kind of thing as consultants and we are time limitted.  We use a laptop running Gentoo (I didn't pick this) with a 2.2 GHz dual core processer and 2 Gig of RAM.  We get most results back in far less than eight hours.  We have hit some large networks doing this.  But it all depends on what is going to work for your budget. 

For internal, I would imagine that you would be able to get your own server rather than an appliance.  An appliance limits you to that vendor and can make changing later an issue or running multiple products.  Happy hunting.