August 04, 2008
Tenable Network SecurityProduct:
Passive Vulnerability Scanner: $9,995; Nessus: $1,200 per year; Security Center: $15,750 for 500 IPs
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Solid vulnerability assessment tools alone or used together.
- Weaknesses: Security Center can become expensive.
- Verdict: Arguably the granddaddy of vulnerability assessment tools dressed up for the enterprise. We really like the passive scanner.
For this review, I decided to combine these products into a single group of their own. Please keep in mind that these products can be purchased separately and can function on their own. The way I see these products is that we are really looking at two products. The first is Nessus and Passive Vulnerability Scanner, and the second is Security Center. These are all really good products. However, they are pretty much unchanged from the last time we reviewed them. Let's start with Passive Vulnerability Scanner. This is a great tool in vulnerability monitoring. It basically sniffs the network, quietly listening for vulnerabilities and policy violations.
Next is Nessus, which is a solid vulnerability scanner.
Finally, we have Security Center. This is the meat and potatoes product, and it brings all the functionality of these products into a single place.
We found all three of these products quite easy to install and manage. Installation took just a few minutes and consisted of just running a few executables and we were up and running. All three had very well designed user interfaces, which were simple and intuitive to use. The Nessus scanner was also easy to manage - with the ability to setup scans in just a few clicks of the mouse.
We found these products to all perform very well in our test environment. Security Center offers much more in the way of reporting and has the added benefit of log correlation and security workflow management, which helps track remediation of assets.
Documentation is in the form of several PDF user and administrator guides, as well as installation guides. These are all well organized and provide a great amount of detail.
Support for all three of these products is by annual subscription, which includes real-time vulnerability updates, compliance configuration audits, plus phone and email support.
All these offerings bring some great functionality to the table individually, with Nessus and Passive Scanner paired up, or Security Center by itself. We find these products to be a good value for money, however, Security Center can become costly for large environments.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards