Tenable Network Security Nessus Vulnerability Scanner
Strengths: Solid credential-based scanning available without a client on the machine.
Weaknesses: No phone support.
Verdict: This is a solid workhorse. There probably is a version of Nessus running in every organization in the world that does vulnerability scanning.
SummaryThe professional version of the open source standard is here with a new version and new features. The server now has a web GUI, which means that scans now can be run via the server from anywhere on the network quickly and easily without having to install the client on a machine. This product also features preconfigured compliance configuration audits for NIST FDCC/SCAP, DISA STIG, CIS and PCI.
Installation is quick and easy. The small installation executable can be downloaded from the website, and from there it is pretty much double click and scan. The installation takes just a few minutes, and when it is complete the Nessus Server must be started and the ProfessionalFeed key must be entered. The server then automatically downloads and updates the plug-in database and the product is ready to use.
The management interface is a stunning new web GUI that is well-organized and easy to navigate with a comfortable feel. The tab-top navigation makes accessing polices, scans and reports quick and easy. Setting up a scan takes just a few clicks and it is off and running. Scanning policies are just as easy to create, and Nessus can now use credential based scanning.
Documentation includes two PDF guides. The installation guide defines installation procedures and deployment options, while the user guide illustrates how to use the product and product features, along with step-by-step instructions and many screen shots.
Tenable Network Security provides no cost 24/7 email-based support for ProfessionalFeed customers. However, there is no phone-based support option. The website contains a support area that is also available at no cost and it includes documentation, a knowledge base, FAQ section and blog section.
At a price of $1,200 per scanner per year for the ProfessionalFeed of this product, we find it to be a good value for the money. Nessus provides a wide variety of credential-based scanning in an easy-to-run format.