With the recent release of SecurityCenter 4.0.1, Tenable has modified the IP-based licensing to include unlimited discovery scanning. This means organizations that make use of SecurityCenter can perform routine ping sweeps of their backbones and network blocks without it counting against their licensed IPs.
SecurityCenter is licensed solely based on the number of active hosts with vulnerabilities on your network. You may have several class C networks (255 potential hosts each), but SecurityCenter licensing only counts against the number of active hosts. Tenable does not need to know your IP ranges or provide keys for hosts or networks you may have not known about before you deployed SecurityCenter.
With the new licensing, organizations can schedule ping sweeps of their network to look for new hosts on a routine basis. If you have a large network and multiple Nessus scanners, SecurityCenter will automatically split the scan across the scanners until the ping sweep is complete. When routine ping sweeps are fed into SecurityCenter, scan results can automatically be used for:
- Creating dashboard trending elements to count the number of hosts not being targeted for regular vulnerability auditing
- Creating alerts when new hosts are discovered in networks where there should not be any new hosts
- Creating alerts when the number of hosts drops below an expected value, which could indicate a network outage or connectivity issue with the host
Organizations interested in discovery of new hosts should also consider the Passive Vulnerability Scanner (PVS). This Tenable product looks at network traffic and discovers new hosts, new applications and their vulnerabilities by inspecting packet and session content. It identifies any host on your network that communicates, regardless of response to ping requests by Nessus.
Organizations that make use of SecurityCenter’s unlimited discovery scans and find additional hosts they wish to include need to contact Tenable’s sales team to request an upgrade key. Newer keys means that full vulnerability scans, patch audits and configuration audits can be performed on the discovered hosts. More than one third of all Tenable SecurityCenter customers procure an upgrade key to expand the number of IP addresses they perform scanning for within their first year of operation.