Configuration Auditing

Thousands of organizations use Nessus® and SecurityCenter™ to audit their networks. Using Tenable, you can ensure that IT assets including operating systems, applications, databases, and network devices are compliant with policy and standards. Tenable provides more than 450 audit policies for a wide range of assets and standards, including:

  • Operating systems
  • Databases
  • Applications
  • Network infrastructure
  • Virtual infrastructure
  • Sensitive content
  • Anti-virus

Tenable products are SCAP certified, so you can use them to audit systems based on SCAP content. Also, our audit policies have been certified by the Center for Internet Security (CIS).

Configuration Auditing with SecurityCenter CV


SecurityCenter CV monitors configurations in real time by integrating Nessus scans, real-time monitoring from Tenable's unique Passive Vulnerability Scanner (PVS), and the Log Correlation Engine (LCE). This combined solution helps you:

  • Detect system change events in real time and automatically perform a configuration audit on new or changed systems
  • Ensure that logging is configured correctly for Windows and Unix hosts
  • Audit the configuration of a web application's operating system, application, and SQL database

Configuration Auditing with Nessus

Rely on Nessus to prepare for both internal and external compliance audits. As the industry standard tool used by tens of thousands of auditors around the world, Nessus offers the most extensive library of policy checks available.

Nessus includes hundreds of pre-packaged reports. You can create customized audits to deliver relevant, accurate information in a format that meets your specific requirements.

Additionally, if you must comply with the PCI Data Security Standard, Nessus can be used to baseline your cardholder data environment (CDE) and identify systems that do not adhere to the PCI DSS hardening requirements or your organization's build standards.

Operating System Auditing

Operating system audits include access control, system hardening, error reporting, security settings, and more. You can test configurations against many industry and government policies.

Windows

  • Windows Vista
  • Windows 7
  • Windows 8
  • Windows 2003
  • Windows 2008
  • Windows 2008 R2
  • Windows Server 2012

Unix

  • AIX
  • FreeBSD
  • HP-UX
  • Mac OS X
  • Oracle Linux
  • Red Hat
  • Solaris
  • SuSE

IBM AS400/iSeries

  • IBM AS400/iSeries

Storage Devices

  • NetApp Data ONTAP

Application Auditing

Audit desktop and server applications against standards including DISA STIG, CIS, and vendor recommendations.

Tenable offers policies for applications like Adobe Reader, browsers, business productivity tools, and anti-virus. It also includes IT-hardening audit policies for server applications, such as Apache and IIS, as well as for architectures and frameworks such as VMware ESX/ESXi and Tomcat.

Virtualization Platforms

  • VMware: ESX 3.5/4, ESXi 4.x/5.x, vCenter 4.x/5.x
  • Microsoft Hyper-V
  • Citrix XenServer

Webservers

  • IIS 7
  • IIS 6
  • Apache

Server Applications/Frameworks

  • BIND
  • PHP
  • Exchange 2007
  • Red Hat JBoss 5.x
  • SharePoint 2010
  • Tivoli Enterprise Manager Server (BigFix)
  • Tomcat

Desktop Applications

  • Browsers: IE9, IE7, Firefox, Safari
  • Microsoft Office: Outlook, PowerPoint, Word, Excel, Access
  • Tivoli Enterprise Manager Client (BigFix)

Anti-virus audits

  • Kaspersky
  • McAfee
  • Microsoft Endpoint
  • Norton
  • Panda
  • Sophos
  • Symantec
  • Trend Micro
  • CA

Database Auditing

Audit the configuration of databases as well as the underlying operating systems for a complete database audit. Tenable audit policies cover many best practice standards, including DISA STIG and CIS.

Tenable Nessus supports database audits for the following SQL technologies:

Database Audits

  • SQL2005
  • SQL2008
  • MySQL
  • Oracle 10
  • Oracle 11g
  • IBM DB2
  • PostgreSQL
  • Informix

Standards-based Auditing

Perform configuration scans of Unix and Windows servers to test for specific policy settings. Supported configuration audit policies include, but are not limited to:

Standards-based Audits

  • Anti-virus vendor audits
  • CERT recommendations
  • CIS best practice guides
  • DISA STIGs
  • GLBA guidelines
  • HIPAA profiles
  • NIST SCAP and FDCC content
  • NSA best practice guides
  • PCI DSS configuration and hardening requirements
  • Recommended vendor settings
  • USGCB
  • MSCM
  • FISMA
  • OWASP

Content Auditing

Identify and monitor sensitive data at rest and in motion. Tenable solutions can create dynamic lists of all FTP servers, web servers, and email servers. They can identify classes of servers such as "web servers that host PDF files" or "FTP servers that contain movies."

Tenable products can search hard drives of Windows, UNIX or Linux systems for files containing specific content. Available through the Tenable Support Portal are audit policies that search for:

Content Audits

  • Credit cards, Social Security Numbers, and driver's license numbers
  • Spreadsheets with financial, employee, and health data
  • Banking wire transfer detection
  • Adult media
  • Confidential corporate information
  • Files and browser records that can indicate abuse of corporate network usage
  • Software source code
  • Document code words such as "SECRET," "PROPRIETARY," or "CONFIDENTIAL"

Network Infrastructure Auditing

Audit network infrastructure to ensure that configuration and administrative settings are secure and compliant with internal policies and industry standards.

Tenable supports the leading network equipment operating systems and provides broad coverage for a wide variety of equipment.

Network Infrastructure Audits

  • Adtran AOS
  • Brocade FabricOS
  • Cisco FWSM Firewall
  • Cisco Nexus OS (NX-OS)
  • Cisco IOS
  • Cisco IOS-XE
  • Dell Force10
  • Extreme ExtremeXOS
  • HP ProCurve
  • Huawei VRP
  • FireEye
  • FortiGate FortiOS
  • Juniper Junos
  • Juniper ScreenOS
  • Check Point GAiA
  • Palo Alto Networks PAN-OS
  • SonicWall SonicOS
