Tenable SecurityCenter Continuous View
February 03, 2014
Tenable Network SecurityProduct:
$20,625, plus $4,125 annual maintenance.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Highly modular, incredibly feature rich, combines multiple solutions into one comprehensive package.
- Weaknesses: Smaller environments may not be able to bear the cost of implementation.
- Verdict: The standard by which other solutions should measure themselves.
Combining the gold-standard Nessus vulnerability scanner with the powerful Passive Vulnerability Scanner and Log Correlation Engine, Tenable's SecurityCenter Continuous View brings some of the industry's best vulnerability management tools under one roof.
While we wouldn't call SecurityCenter's setup complicated, necessarily, it was not as straightforward as some other products - due to its modular nature. Each component needed to be installed separately, with varying system requirements - some requiring Linux, others able to be installed on Windows or Apple operating systems. We considered this a strength, as we were able to spread the product installation across multiple servers for increased performance. Each component has its own installer with its own license key or file, and the majority of components required minimal configuration as control of each component was managed by the SecurityCenter console.
The SecurityCenter configuration itself was reasonably straightforward. After the initial installation was complete, we accessed the product via a web browser and completed the configuration wizard presented to us. This wizard stepped us through adding the appropriate licensing information, configuring SMTP, LDAP and various organization settings. Once we completed the wizard, we attached our Nessus, Passive Vulnerability Scanners and Log Correlation Engine modules to SecurityCenter and we were ready to go.
This product comes with a massive feature set. Available as software or as a virtual or hardware appliance, its multiple modules combine discovery, auditing, event management and vulnerability and data leakage detection into a single threat management suite. Fully scalable, each module can be installed on a single server or on a server dedicated to each. Customizable analytics and dashboards can be displayed and shared among users within the SecurityCenter console, and new ones are easily created through a simple wizard or via download from the company website. The core is the Nessus vulnerability scanner, which scans servers and network gear against a massive database of vulnerabilities and displays them referencing the CVSS and CVE IDs.
The documentation is, in a word, voluminous. Comprehensive installation, administration and user guides are available as downloadable PDF files. While they contain all information necessary to install and use the tool, the lack of bookmarks sometimes made navigation difficult. That said, hyperlinking was used heavily and Tenable made effective use of screen shots and diagrams.
The company offers phone, email and live chat support to all SecurityCenter customers, Monday through Friday, 6 a.m. to 9 p.m. User support forums, FAQs and an online knowledge base are also available to all users.
The product is priced at $20,625 as a one-time fee, with $4,125 due as annual maintenance. This provides a 500 IP address license, with unlimited Nessus and Passive Vulnerability Scanner modules, the Log Correlation Engine, the SecurityCenter management console, and updates. For organizations interested in Nessus or Passive Vulnerability Scanner subscriptions, prices start at $1,500 a year.
Sign up to our newsletters
SC Magazine Articles
- Long list of devices believed to be affected by NetUSB vulnerability
- Scammers target oil companies with sneaky attack
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- Study: Employees acknowledge risky security behavior, continue to engage in it
- Hack of airplane systems described in FBI docs raises security questions
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Thousands of Bellevue Hospital Center patients notified of data breach
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- Investigation ongoing in reported multimillion member Adult FriendFinder breach
- Report: $19M breach settlement between MasterCard, Target terminated
- FTC gives thumbs up to companies that cooperate during breach probes