Tenable SecurityCenter Continuous View
February 03, 2014
Tenable Network SecurityProduct:
$20,625, plus $4,125 annual maintenance.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Highly modular, incredibly feature rich, combines multiple solutions into one comprehensive package.
- Weaknesses: Smaller environments may not be able to bear the cost of implementation.
- Verdict: The standard by which other solutions should measure themselves.
Combining the gold-standard Nessus vulnerability scanner with the powerful Passive Vulnerability Scanner and Log Correlation Engine, Tenable's SecurityCenter Continuous View brings some of the industry's best vulnerability management tools under one roof.
While we wouldn't call SecurityCenter's setup complicated, necessarily, it was not as straightforward as some other products - due to its modular nature. Each component needed to be installed separately, with varying system requirements - some requiring Linux, others able to be installed on Windows or Apple operating systems. We considered this a strength, as we were able to spread the product installation across multiple servers for increased performance. Each component has its own installer with its own license key or file, and the majority of components required minimal configuration as control of each component was managed by the SecurityCenter console.
The SecurityCenter configuration itself was reasonably straightforward. After the initial installation was complete, we accessed the product via a web browser and completed the configuration wizard presented to us. This wizard stepped us through adding the appropriate licensing information, configuring SMTP, LDAP and various organization settings. Once we completed the wizard, we attached our Nessus, Passive Vulnerability Scanners and Log Correlation Engine modules to SecurityCenter and we were ready to go.
This product comes with a massive feature set. Available as software or as a virtual or hardware appliance, its multiple modules combine discovery, auditing, event management and vulnerability and data leakage detection into a single threat management suite. Fully scalable, each module can be installed on a single server or on a server dedicated to each. Customizable analytics and dashboards can be displayed and shared among users within the SecurityCenter console, and new ones are easily created through a simple wizard or via download from the company website. The core is the Nessus vulnerability scanner, which scans servers and network gear against a massive database of vulnerabilities and displays them referencing the CVSS and CVE IDs.
The documentation is, in a word, voluminous. Comprehensive installation, administration and user guides are available as downloadable PDF files. While they contain all information necessary to install and use the tool, the lack of bookmarks sometimes made navigation difficult. That said, hyperlinking was used heavily and Tenable made effective use of screen shots and diagrams.
The company offers phone, email and live chat support to all SecurityCenter customers, Monday through Friday, 6 a.m. to 9 p.m. User support forums, FAQs and an online knowledge base are also available to all users.
The product is priced at $20,625 as a one-time fee, with $4,125 due as annual maintenance. This provides a 500 IP address license, with unlimited Nessus and Passive Vulnerability Scanner modules, the Log Correlation Engine, the SecurityCenter management console, and updates. For organizations interested in Nessus or Passive Vulnerability Scanner subscriptions, prices start at $1,500 a year.
SC Magazine Articles
- Industry pros react to Cisco, Fortinet advisories after possible Snowden NSA leak
- The Shadow Brokers' NSA hack claim unlikely, say experts
- After the breach: Settlement expected for 50M Home Depot customers
- Don't get caught by the Pokemon Go ransomware
- WikiLeaks postings of Turkish emails included active links to malware
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- Microsoft warns of new, self-propagating ransomware in the wild
- Wendy's POS breach 'considerably' bigger than first thought
- Two-thirds of IT security professionals expect a breach to hit their company this year, report
- Epic hack, thousands of salted logins stolen
- India threatens jail for visiting forbidden sites
- Ransomware rise, email scams spread, Flash & IOT vulnerabilities up
- Russia's Central Bank introduces new mandatory cyber-security regulations