August 04, 2008
Tenable Network SecurityProduct:
Passive Vulnerability Scanner: $9,995; Nessus: $1,200 per year; Security Center: $15,750 for 500 IPs
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Solid vulnerability assessment tools alone or used together.
- Weaknesses: Security Center can become expensive.
- Verdict: Arguably the granddaddy of vulnerability assessment tools dressed up for the enterprise. We really like the passive scanner.
For this review, I decided to combine these products into a single group of their own. Please keep in mind that these products can be purchased separately and can function on their own. The way I see these products is that we are really looking at two products. The first is Nessus and Passive Vulnerability Scanner, and the second is Security Center. These are all really good products. However, they are pretty much unchanged from the last time we reviewed them. Let's start with Passive Vulnerability Scanner. This is a great tool in vulnerability monitoring. It basically sniffs the network, quietly listening for vulnerabilities and policy violations.
Next is Nessus, which is a solid vulnerability scanner.
Finally, we have Security Center. This is the meat and potatoes product, and it brings all the functionality of these products into a single place.
We found all three of these products quite easy to install and manage. Installation took just a few minutes and consisted of just running a few executables and we were up and running. All three had very well designed user interfaces, which were simple and intuitive to use. The Nessus scanner was also easy to manage - with the ability to setup scans in just a few clicks of the mouse.
We found these products to all perform very well in our test environment. Security Center offers much more in the way of reporting and has the added benefit of log correlation and security workflow management, which helps track remediation of assets.
Documentation is in the form of several PDF user and administrator guides, as well as installation guides. These are all well organized and provide a great amount of detail.
Support for all three of these products is by annual subscription, which includes real-time vulnerability updates, compliance configuration audits, plus phone and email support.
All these offerings bring some great functionality to the table individually, with Nessus and Passive Scanner paired up, or Security Center by itself. We find these products to be a good value for money, however, Security Center can become costly for large environments.