Tenable Network Security Nessus ProfessionalFeed
Strengths: Straightforward vulnerability and configuration auditing in an easy-to-use tool.
Weaknesses: None that we found.
Verdict: Another perennial and well-deserved favorite, this is our Recommended choice for pure-play vulnerability assessment.
Summary: The Nessus ProfessionalFeed from Tenable Network Security is a lightweight, no-frills network vulnerability scanner. It features the ability to scan local and remote systems for the latest vulnerabilities. With the ProfessionalFeed, users also get access to a compliance configuration audit pack, which can add credential-based auditing for NIST FDCC/SCAP, DISA STIG, CIS, and PCI compliance, along with many others.
This tool is a very straightforward install. The small server component can be installed on a medium-size machine with at least 2 GB of memory. The installation itself is easy and only takes a few minutes after launching the executable installer. After the server is installed, licensed and started, it instantly downloads the latest vulnerability checks and is ready to go. The web GUI can be accessed from any machine on the network, and scanning can begin.
We found the web GUI to be intuitive to navigate with a clean, organized layout. Scanning policies can easily be created, as well as highly customized for excellent flexibility. While this tool may be small, it does pack a significant punch. To further add punch, multiple scanners can be managed from the Tenable Security Center to meet the needs of any size environment.
Documentation included nicely organized installation and user guides. As part of the ProfessionalFeed subscription, Tenable offers no-cost email support, but only users who have purchased Security Center can access eight-hours-a-day/five-days-a-week phone support.
This product has been the old standby for years, and we find it is still the good dog when it comes to straight-up vulnerability assessment. While this solution does not have the frills of some others, it does what it does very well and is quite flexible when it comes to configuring policies and running scans.