Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Releases Security Center 3.4

Earlier this week, we released Security Center 3.4 to our customers. Version 3.4 adds a lot of new features in the user interface and reporting. It also strongly ties in log analysis and network monitoring with vulnerability scanning and configuration auditing. Anyone can see video demos of the product being used to analyze logs, audit configurations, perform scans and look for intruders under the "Unified Security Monitoring" section of our Demo Videos.

Some of the major new features include:

  • An enhanced and modern user interface
    It makes use of more screen area, can save any query for later usage and has intuitive links to quickly view raw syslog, vulnerability or configuration information.
  • Support for manual Nessus report uploads and downloads
    You can perform scans with the Nessus Client and upload them to the Security Center. Any tool or product that works with the Nessus report format can also receive these types of reports from the Security Center.   
  • A more robust, intuitive and feature-rich scan scheduling interface
    This includes the ability to override a variety of scan settings at scan time, such as changing the required credentials to perform a patch or configuration audit of a server.
  • More than 170 report templates for PCI, FISMA and other standards
    These templates consider vulnerabilties, patch audits, configuration audits, change auditing, compromise events, correlated events and many other types of data sources.

There are hundreds of other features not listed here which focus on ease of use and new technical functionality. For example many new scanning options support new ones available in Nessus 3.2. A full list of new features is available to customers on our support portal.

Below is an array of screen shots which show various aspects of Security Center 3.4 in action.

Pluginfamilysummary

Vulnerability Summary By Nessus Family
Detected vulnerabilities can be summarized and sorted by each Nessus family. A running total of individual severity levels is also shown and can be clicked on, bringing the user to a list of all vulnerabilties from that severity level in that family.

Portsummary

Vulnerabiltiy Summary by Port
This sort lists all ports for which some sort of vulnerability or information has been discovered either through a Nessus scan or from a Passive Vulnerability Scanner report.

Rawvulndetails

Raw Vulnerability Detail
In this view, we are showing two hosts that had high level severity issues for their SSH daemons. From this link, users can open tickets, look at logs from these hosts and recast the severity level if needed. Any of the raw text in these screens is available for searches as well as dynamic asset classification.

Scapauditasset

"Pop Up" IP Screen
Throughout the Security Center user interface, when working with an IP address on a vulnerability, intrusion detection or log event screen, clicking on it will "pop up" a  box containing asset classification, descriptions about the IP address and hot links to other queries.

Lcetypeview

Normalized Event Visualization
In the screen, a user is presented with an activity graph for all normalized log events. You can see that some events occur continuously by the horizontal graphs. The vertical list of events was the result of a large network scan which caused events from different sources across the entire network.

Idstimedistsummary

Directional Activity Graphing
When working with IDS or log events, the amount of activity inbound, outbound and internal to the entire network or specific asset groups can be displayed. For example, you might be interested in IDS events "leaving" your entire network and then choose to look at IDS events "leaving" your DMZ or server farm.   

Correlatedlceevents

Correlated Event Visualization
In this graph, we are showing correlated events. These include IDS events that have been automatically correlated with known vulnerabilities, as well as events generated by the Log Correlation Engine which have discovered a wide variety of suspicious activity.

Viruslog

Raw Event Display
For each gathered and normalized event, the data from Syslog, Windows Events, netflow and so on, is available for display. In this screen shot, several Snort Emerging Threats rules are displayed.

The Security Center is priced solely based on the number of active IP addresses being managed. A 500 IP Security Center license lists for $15,750. All Nessus scanners connected to the Security Center also receive Direct Feed plugin updates. For pricing and quotes on larger networks, please contact our sales team.