Network Monitoring

NetFlow Monitor Report

by Josef Weiss
April 9, 2014

Sample image from Chapter 4 of the report.

This report displays event statistics leveraging the capabilities of Tenable Netflow Normalized Events. This event data is correlated to produce a series of pie charts, tables, and trends lines to display statistical data. The report is based on the the components present in the NetFlow Monitor Dashboard.

Netflow data that is being forwarded to Tenable’s LCE includes ports, source and destination IP address. The chapters in this report include:

Top Talkers (All Traffic)

PVS Detections Executive Report

by David Schwalenberg
March 26, 2014

PVS Detections Executive Report Screenshot
This executive report presents indications of the network traffic passively detected by the Passive Vulnerability Scanner (PVS). This enables network awareness and may highlight network vulnerabilities.

TCP Metrics Report

by Cody Dumont
March 20, 2014

TCP Report Screen Shot
This report provides security professionals with detailed statistics for TCP port usage across all Tenable products. For each product (Nessus, PVS and LCE), a chapter is dedicated to port usage statistics.

Insider Threat Report v2

by Josef Weiss
March 6, 2014

This report was completely re-worked and streamlined, and now includes New_User_Source events in two different formats. A new section resides under Chapter 2, titled 'New User Source Summary', and contains a New User Source User Summary and a New User Source Event List, as shown below.

PVS Detections Report - Traffic

by David Schwalenberg
February 26, 2014

PVS Detections Report Screenshot
This report presents network traffic passively detected by the Passive Vulnerability Scanner (PVS).

CIP-002 Identification of Critical Cyber Assets Report

by Cody Dumont
January 23, 2014

CIP-002 Identification of Critical Cyber Assets Screen Shot
For organizations that are required to be NERC compliant, SecurityCenter can lead the way to compliance. The first focus area is the “Identification of Critical Cyber Assets”. SecurityCenter uses Log Correlation Engine (LCE), Passive Vulnerability Scanner (PVS), and Nessus to identify the assets. When using the complete Tenable family of products, an organization can easily identify all critical assets and all associated assets.