by Megan Daudelin
September 28, 2016
Uninterrupted power supplies (UPS) ensure that no data is lost on critical systems in the event of a power outage. UPS systems are commonly used in data centers and server rooms so that if power is lost, all the data is preserved. Modern UPS systems have advanced functionality that enables switching between primary and backup power as necessary, as well as initiating graceful shutdowns when backup power supplies approach depletion with operating system integration. As a part of an organization’s critical infrastructure, monitoring UPS systems for vulnerabilities and functionality is imperative. By leveraging results from Tenable Nessus, the Tenable Passive Vulnerability Scanner (PVS), and the Tenable Log Correlation Engine (LCE), Tenable SecurityCenter Continuous View is able to provide detailed insight into vulnerabilities and events related to an organization’s UPS systems.
The UPS Management dashboard provides insight into vulnerabilities and events associated with UPS systems. As part of an organization’s critical infrastructure, failures in the security or functionality of UPS systems could lead to exploitation or data loss. Events related to UPS systems are tracked to enable security teams to monitor UPS functionality. Vulnerabilities related to UPS systems and applications are also identified in order to facilitate effective remediation measures. By monitoring UPS systems and applications for events and vulnerabilities, security teams can more effectively ensure the functionality and security of these systems.
The components in this dashboard leverage data gathered by active vulnerability scanning with Nessus and passive vulnerability detection with PVS, as well as host data processed and correlated by LCE. The data is filtered to provide insight about specific vulnerabilities and events related to UPS systems. Indicators alert to the detection of specific events or vulnerabilities. Events related to UPS systems are also tracked over time. Vulnerabilities are detailed by severity and count in order to provide a more complete view of the security of UPS systems. Security teams can use all of the components in this dashboard to assist in identifying, monitoring, and potentially remediating or reconfiguring UPS systems in their network.
This dashboard is available in the SecurityCenter Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. The dashboard can be easily located in the SecurityCenter Feed under the category Monitoring. The dashboard requirements are:
- SecurityCenter 5.3.1
- Nessus 6.8.1
- LCE 4.8.0
Tenable SecurityCenter Continuous View (CV) is the market-defining continuous network monitoring solution. SecurityCenter CV is continuously updated with information about advanced threats, zero-day vulnerabilities, and new regulatory compliance data. Active scanning periodically examines hosts to determine vulnerabilities and compliance concerns. Passive listening collects data to continuously monitor traffic and discover additional vulnerabilities. Host data and data from other security solutions is analyzed and correlated to monitor and report on patch management activity. SecurityCenter CV provides an organization with the most comprehensive view of the network in order to safeguard critical assets and information. Monitoring the network to ensure that all systems are secured against vulnerabilities is essential to ongoing security efforts. Tenable’s extensive network monitoring capabilities can verify that systems are successfully scanned regularly and secured against vulnerabilities, enabling ongoing improvements to an organization’s security posture.
The following components are included in this dashboard:
- UPS Management – Indicators: This matrix displays information about vulnerabilities and events related to UPS systems detected on the network.
- UPS Management – Event List: This table lists events related to UPS systems by time, with the most recent events at the top.
- UPS Management – Vulnerabilities by Product: This matrix displays information about vulnerabilities related to specific UPS products or applications detected on the network.
- UPS Management – Vulnerability Summary: This table lists the vulnerabilities related to UPS systems and applications detected on the network.
- UPS Management – Trend (Last 25 Days): This trend chart monitors the detection of vulnerabilities and events related to UPS systems and applications over the past 25 days.