Tenable SecurityCenter Continuous View
February 03, 2014
Tenable Network SecurityProduct:
$20,625, plus $4,125 annual maintenance.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Highly modular, incredibly feature rich, combines multiple solutions into one comprehensive package.
- Weaknesses: Smaller environments may not be able to bear the cost of implementation.
- Verdict: The standard by which other solutions should measure themselves.
Combining the gold-standard Nessus vulnerability scanner with the powerful Passive Vulnerability Scanner and Log Correlation Engine, Tenable's SecurityCenter Continuous View brings some of the industry's best vulnerability management tools under one roof.
While we wouldn't call SecurityCenter's setup complicated, necessarily, it was not as straightforward as some other products - due to its modular nature. Each component needed to be installed separately, with varying system requirements - some requiring Linux, others able to be installed on Windows or Apple operating systems. We considered this a strength, as we were able to spread the product installation across multiple servers for increased performance. Each component has its own installer with its own license key or file, and the majority of components required minimal configuration as control of each component was managed by the SecurityCenter console.
The SecurityCenter configuration itself was reasonably straightforward. After the initial installation was complete, we accessed the product via a web browser and completed the configuration wizard presented to us. This wizard stepped us through adding the appropriate licensing information, configuring SMTP, LDAP and various organization settings. Once we completed the wizard, we attached our Nessus, Passive Vulnerability Scanners and Log Correlation Engine modules to SecurityCenter and we were ready to go.
This product comes with a massive feature set. Available as software or as a virtual or hardware appliance, its multiple modules combine discovery, auditing, event management and vulnerability and data leakage detection into a single threat management suite. Fully scalable, each module can be installed on a single server or on a server dedicated to each. Customizable analytics and dashboards can be displayed and shared among users within the SecurityCenter console, and new ones are easily created through a simple wizard or via download from the company website. The core is the Nessus vulnerability scanner, which scans servers and network gear against a massive database of vulnerabilities and displays them referencing the CVSS and CVE IDs.
The documentation is, in a word, voluminous. Comprehensive installation, administration and user guides are available as downloadable PDF files. While they contain all information necessary to install and use the tool, the lack of bookmarks sometimes made navigation difficult. That said, hyperlinking was used heavily and Tenable made effective use of screen shots and diagrams.
The company offers phone, email and live chat support to all SecurityCenter customers, Monday through Friday, 6 a.m. to 9 p.m. User support forums, FAQs and an online knowledge base are also available to all users.
The product is priced at $20,625 as a one-time fee, with $4,125 due as annual maintenance. This provides a 500 IP address license, with unlimited Nessus and Passive Vulnerability Scanner modules, the Log Correlation Engine, the SecurityCenter management console, and updates. For organizations interested in Nessus or Passive Vulnerability Scanner subscriptions, prices start at $1,500 a year.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards