Thousands of organizations use Nessus® and SecurityCenter® to audit their networks. Using Tenable, you can ensure that IT assets including operating systems, applications, databases and network devices are compliant with policy and standards. Tenable provides more than 450 audit policies for a wide range of assets and standards, including:
- Operating systems
- Network infrastructure
- Virtual infrastructure
- Sensitive content
Tenable's audit policies have been certified by the Center for Internet Security (CIS).
Configuration Auditing with SecurityCenter CV
Using SecurityCenter CV™, you achieve real-time monitoring of configurations from the integration of Nessus scans, real-time monitoring using Tenable's unique Passive Vulnerability Scanner® (PVS™), and the Log Correlation Engine® (LCE®). This combined solution helps you:
- Detect system change events in real time and automatically perform a configuration audit on new or changed systems
- Ensure that logging is configured correctly for Windows and Unix hosts
- Audit the configuration of a web application's operating system, application and SQL database
Configuration Auditing with Nessus
Rely on Nessus to prepare for both internal and external compliance audits. As the industry standard tool used by tens of thousands of auditors around the world, Nessus offers the most extensive library of policy checks available.
Nessus includes hundreds of pre-packaged reports. You can create customized audits to deliver relevant, accurate information in a format that meets your specific requirements.
Additionally, if you are subject to complying with the PCI Data Security Standard, you should know that Nessus can be used to baseline your cardholder data environment (CDE) and identify systems that do not adhere to the PCI DSS hardening requirements or your organization's build standards.
Operating System Auditing
Operating system audits include access control, system hardening, error reporting, security settings and more. You can test configurations against many industry and government policies.
Audit desktop and server applications against standards including DISA STIG, CIS and vendor recommendations.
Tenable offers policies for applications like Adobe Reader, browsers, business productivity tools and anti-virus. It also includes IT-hardening audit policies for server applications, such as Apache and IIS, as well as for architectures and frameworks such as VMware ESX/ESXi and Tomcat.
- VMware: ESX 3.5/4, ESXi 4.x/5.x, vCenter 4.x/5.x
- Microsoft Hyper-V
- Citrix XenServer
- IIS 7
- IIS 6
- Exchange 2007
- Red Hat JBoss 5.x
- SharePoint 2010
- Tivoli Enterprise Manager Server (BigFix)
- Browsers: IE9, IE7, Firefox, Safari
- Microsoft Office: Outlook, PowerPoint, Word, Excel, Access
- Tivoli Enterprise Manager Client (BigFix)
- Microsoft Endpoint
- Trend Micro
Audit the configuration of databases as well as the underlying operating systems for a complete database audit. Tenable audit policies cover many best practice standards, including DISA STIG and CIS.
Tenable Nessus supports database audits for the following SQL technologies:
- Oracle 10
- IBM DB2
Perform configuration scans of Unix and Windows servers to test for specific policy settings. Supported configuration audit policies include, but are not limited to:
- Anti-virus vendor audits
- CERT recommendations
- CIS best practice guides
- DISA STIGs
- GLBA guidelines
- HIPAA profiles
- NIST SCAP and FDCC content
- NSA best practice guides
- PCI DSS configuration and hardening requirements
- Recommended vendor settings
Identify and monitor sensitive data at rest and in motion. Tenable solutions can create dynamic lists of all FTP servers, web servers and email servers. They can identify classes of servers such as "web servers that host PDF files" or "FTP servers that contain movies."
Tenable products can search hard drives of Windows, Unix or Linux systems for files containing specific content. Available through the Tenable Support Portal are audit policies that search for:
- Credit cards, Social Security numbers, and driver's license numbers
- Spreadsheets with financial, employee and health data
- Banking wire transfer detection
- Adult media
- Confidential corporate information
- Files and browser records that can indicate abuse of corporate network usage
- Software source code
- Document code words such as "SECRET," "PROPRIETARY" or "CONFIDENTIAL"
Network Infrastructure Auditing
Audit network infrastructure to ensure that configuration and administrative settings are secure and compliant with internal policies and industry standards.
Tenable supports the leading network equipment operating systems and provides broad coverage for a wide variety of equipment.
- Adtran AOS
- Brocade FabricOS
- Cisco FWSM Firewall
- Cisco Nexus OS (NX-OS)
- Cisco IOS
- Cisco IOS-XE
- Dell Force10
- Extreme ExtremeXOS
- HP ProCurve
- Huawei VRP
- FortiGate FortiOS
- Juniper Junos
- Juniper ScreenOS
- Check Point GAiA
- Palo Alto Networks PAN-OS
- SonicWall SonicOS