Tenable SecurityCenter Continuous View v4.6
February 01, 2013
Tenable Network SecurityProduct:
Starts at software (500 IP): $20,625 one-time license, plus $4,125 annual maintenance fee. This includes unlimited Nessus scanners, unlimited Passive Vulnerability Scanners and SecurityCenter. Nessus standalone with Professional feed is available for $1,500.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Functionally, this product is strong in every area.
- Weaknesses: The cost could exclude smaller organizations that could use this service.
- Verdict: This solution is an excellent product at a reasonable cost for large enterprises.
Tenable SecurityCenter Continuous View (SC-CV) provides real-time vulnerability management, capturing security and compliance risks introduced by mobile, cloud and virtual infrastructure. Tenable's Nessus active scanner with its Passive Vulnerability Scanner (PVS) captures vulnerabilities in static assets, transient systems and cloud access, reducing exposure to zero-day disclosed vulnerabilities and out-of-cycle emergency patches.
Nessus provides scheduled vulnerability scanning, web application auditing and credentialed patch analysis. In addition to daily content updates, SC-CV provides malicious process checks and mobile device scanning, allowing Microsoft Exchange and Apple Profile Manager to uncover and audit all mobile devices in the network. As well, patch management integration automates the cross reference of vulnerability checks with enterprise patch management. Also included is compliance/configuration auditing of firewalls, routers and virtual infrastructures. The HTML5 interface allows users on several different platforms and devices to access the same interface without the need for an app.
Nessus displays vulnerabilities based on standard formats (Common Vulnerability Scoring System v2 score and Common Vulnerabilities and Exposures ID) and exports them into a variety of formats. IPv6 address spaces are too big for scanning with active scanners alone. PVS adds dynamic discovery of vulnerable assets that connect to both IPv4 and IPv6 network. PVS also provides database logging and monitoring, detection of encrypted traffic and cloud application use. As well, it identifies new hosts and applications, assessing security and compliance risks from mobile, cloud and virtual infrastructures that may not be present during active scans.
Installation can be done with software, VMware Virtual Appliance or a hardware appliance. There are a number of hardware configurations based on the products and the number of hosts to be managed. Tenable has provided a list of examples that includes settings for Windows, Apple, Red Hat Linux, FreeBSD, CentOS and more. For this evaluation, we used an ESXi host with a CentOS x86 64-bit server to host SC-CV, PVS and Nessus. Software and keys for the products were provided on a USB device. Software installation was flawless and within 20 minutes the basic application settings were completed. Configuring the settings is straightforward.
Documentation is comparable to other solutions with an intuitive "help" feature with screen shots, a support portal, discussion forum, searchable knowledge base and other documentation, as well as product certification training, a library of video tutorials and more.
Live chat support is available 15-hours-a-day/five-days-a-week, Monday to Friday, 6:00 a.m. to 9:00 p.m. EST. Email support is free with annual maintenance. Additionally, enterprise customers receive access to live phone support. This product suite is a good value for the money.
Sign up to our newsletters
SC Magazine Articles
- Popular adult website XTube compromised, delivers malware
- Android vulnerability leaves apps open to malicious overwriting
- One in three of the top million websites are 'risky,' researchers find
- Orgs predict $53M risk, on average, from crypto key, digital cert attacks
- Hanjuan Exploit Kit leveraged in malvertising campaign
- Report: 71 percent of orgs were successfully attacked in 2014
- Self-deleting malware targets home routers to gather information
- 'PoSeidon' point-of-sale malware targets payment card information
- Amedisys notifies nearly 7,000 individuals of potential breach
- Report: More than 15,000 vulnerabilities in nearly 4,000 applications reported in 2014
- The best defense is a good offense: The importance of securing your endpoints
- British Airways says rewards accounts hacked, locked down
- Documents on NSA's zero-day policy provide little insight, EFF says
- GitHub on DDoS alert, efforts to curb its largest attack continue
- Shadow data: The monster that isn't just under your bed