PVS continuously monitors the network, detecting usage of cloud services, identifying new assets as they become active on the network, and profiling an asset’s operating system, active applications, services, network connections, and associated vulnerabilities. The new capabilities in PVS 5.0 give you a complete view of assets and activities across your computing environments, helping you identify and prioritize weaknesses that need attention.
Identifying Selected TLS-Encrypted Application Traffic
Internet application traffic is often encrypted with Transport Layer Security (TLS). Unless organizations deploy relatively expensive network devices designed to decrypt TLS, they will be blind to the applications associated with the traffic. PVS v5.0 increases application visibility by using TLS fingerprinting to discover applications whose traffic is encrypted.
Improved User Interface
PVS v5.0 includes an enhanced user interface that provides a summarized dashboard containing multiple high level summarized views into hosts, vulnerabilities, applications, operating systems, connections, and mobile devices discovered by PVS. Additional improvements include:
A chord diagram that visualizes the client connections to servers on well-known ports
A network bandwidth chart trends the amount of data sent from client hosts to server hosts and vice versa
Improved navigation between client and server hosts, and new pivoting capabilities on any host
A Sankey diagram that provides a view of connections between client and server hosts by either host or by network service
Improved VLAN Monitoring
Enterprise networks are increasingly being segmented into Virtual Local Area Networks (VLANS) to increase performance and security. PVS 5.0 includes a new Plugin (ID 19) that summarizes all observed VLAN tags for a given host. This helps determine if a host has switched VLANS or is present on an incorrect or unexpected VLAN.
Detection and Analysis of Tunneled IPv6 Traffic
In addition to reporting the presence of tunneled IPv6 traffic, PVS now processes the IPv6 traffic within the tunnel. Teredo, 6to4, and 6in4 tunnel detections are now summarized in a single plugin (ID 20), and other detections will be associated to the IP addresses found within the tunneled traffic.
Increased Analysis of IPv6 Traffic
PVS now detects the presence of IPv6 headers and performs a complete analysis of IPv6 packets that contain extension headers.
Extended Packet Filtering
PVS provides more targeted packet filtering by extending its BPF filter support.