最新版 Nessus 7.0.1 更新於 2018/1/11
最新版 Nessus Network Monitor 5.4.0 更新於 2017/10/24
最新版 SecurityCenter 5.6.1 更新於 2017/12/18
偵測並評估您基礎結構內的所有資產、弱點和威脅
Nessus® 是全方位的弱點評估和管理解決方案,在世界各地已經有數百萬的使用者。Nessus 提供雲端型和現場型解決方案, 可以快速準確地找到實體、虛擬和雲端環境中的弱點、設定問題及惡意程式碼,並協助您決定需要優先解決的問題。
SecurityCenter® 運用 Nessus 掃描資料並將其整合成一個簡單易懂的管理主控台。使用 SecurityCenter 管理並分析整個組織的弱點資料、排定安全性風險優先順序,並清楚檢視您的安全性狀況。使用 SecurityCenter 內建、高度可自訂的儀表板與報告及全產業唯一的 Assurance Report Cards(ARCs),可讓您看見、測量並評估安全性規劃的有效性。
SecurityCenter Continuous View® (SecurityCenter CV)讓您可持續監控風險可視化並獲得重要事件因果分析,使您具有明確資訊提供即時措施的能力。借助先進的分析,SecurityCenter CV 可讓您持續保證您的安全性規劃正常運作,讓您可持續監控風險可視化並提供脈絡,進而使您發現隱藏/未知 IT 資產、找出弱點(例如,弱點、錯誤設定及惡意程式碼)並從多個安全管理架構和合規性規範進行自動化控制。
Nessus Professional 部署最廣泛的弱點評估解決方案
全球有超過一百萬的使用者為弱點、設定和法規遵循評估而部屬Nessus。
廣泛資產涵蓋範圍
Nessus支援最廣範圍的網路裝置、作業系統、資料庫和在實體、虛擬和雲端基礎架構的應用程式。
多個掃描選項
Nessus 支援非經認證的遠端掃描;為更深入的資產細微分析而進行的經認證的本機掃描;以及網路裝置的設定離線稽核。
設定和法規遵循
超過 450 個範本可以用於法規遵循(例如 FFIEC、HIPAA、NERC、PCI 等)和設定(例如 CERT、CIS、COBIT/ITIL、DISA STIGs)稽核。
威脅偵測
Nessus 可掃描病毒、惡意程式、後門、與受僵屍網路感染的系統通訊的主機、已知/未知程式和連結到惡意內容的 web 服務。
報告和採取措施
將重要的事上報給責任方,包括可利用性、嚴重性修改、掃描排程,並通過定向郵件提交補救報告。
不變的覆蓋範圍
用 Tenable 研究團隊不斷更新的 Nessus 外掛程式訂閱來保持對新弱點的防禦。
Nessus 特色
- Agentless auditing of configurations, patches, and web applications
- 55,000+ vulnerability and configuration checks (plugins) – new plugins updated daily
- Scans networks, systems, data, and applications
- Post-scan analysis and monitoring tools
- Part of Tenable's enterprise USM platform – providing centralized management of multiple vulnerability scanners and real-time vulnerability, log, and compliance management
程式截圖
The Nessus Login Screen
Policy Selection
Policy Editing – credentials
Policy Editing - Plugin Selection
Scan view - Scans can be stopped and paused at any time
Scan scheduling - Scans can programmed to re-occur automaticall
Real time reporting - no need to wait for the completion of the scan
Nessus can be used to determine PCI compliance
Nessus Network Monitor (前身為 Passive Vulnerability Scanner® or PVS™)
被動分析網路流量,提供對網路中受管理和未受管理的資產,持續監控風險可視化
從 IT 到 OT,Nessus Network Monitor(舊稱 Passive Vulnerability Scanner® 或 PVS™)能看見盲點,使您能夠監控並保護您的整個環境。此產品以安全、非侵入的方式進行發現和監控,即使是最敏感的系統亦不例外。
消除關鍵盲點
提供深層封包檢測,以持續發現並追蹤使用者、應用程式、雲端基礎結構、信任關係和弱點。
監控任何位置
與其他任何供應商(包括作業系統、網路裝置、Hypervisor、資料庫、平板電腦、手機、Web 伺服器、雲端應用程式和關鍵基礎結構)相比,橫跨更多科技,自動發現使用者、基礎結構和弱點。
持續監控風險可視化
消除定期掃描餘下的盲點
資產發現
發現網路上的所有硬體、服務和 Web 應用程式
即時弱點偵測
在易受攻擊的資產一連接到您的網路時,便將其識別出
可疑流量識別
偵測可疑流量和連接
特色
即時網路監控
Continuous Visibility:
- Delivers continuous monitoring and assessment of an organization’s network in a non-intrusive manner
- Monitors network traffic at the packet level to provide visibility into both server and client-side vulnerabilities
- Scales to meet future asset discovery and vulnerability monitoring demands of proliferation of devices, including virtual systems and cloud services
Immediate Vulnerability Detection:
- Automatic infrastructure and vulnerability assessment Identifies server- and client-side vulnerabilities in new and transient assets
- Detects vulnerabilities on communicating systems and the protocols and applications used
- Identifies when an application is compromised or subverted
Suspicious Traffic Identification:
- Identifies unencrypted PII and other sensitive information in motion
- Discovers when internal systems begin port scan of other systems
- Highlights all interactive and encrypted network sessions
- Spots which ports served and browsed for each individual system
Asset Discovery:
- Servers
- Endpoints
- Web applications
- Network devices
- Virtual- and cloud-based devices
- BYOD/mobile devices
- Jailbroken iOS devices
Compliance and Deployment
PCI DSS Compliance
The PCI DSS requires accurate and comprehensive identification of all systems involved in the transmission, processing or storage of credit card data. These systems collectively comprise the "cardholder data environment" (CDE) where PCI DSS controls must be consistently applied and validated on an annual basis. Organizations also must provide evidence of procedures to maintain the integrity of the CDE. Nessus Network Monitor not only monitors known data flows in/out of the CDE but also identifies undocumented data flows, particularly of unencrypted payment card information.
Deployment Options
Nessus Network Monitor is offered at two performance levels: 1 Gbps for monitoring small networks and network segments; and 10 Gbps, which extends Nessus Network Monitor to high-performance datacenters and internet ingress/egress points. All configurations are available for self-contained deployment and as an integrated sensor in Tenable’s continuous network monitoring solution, SecurityCenter Continuous View®, which combines network state assessment, network activity monitoring and extensive reporting.
系統需求
- CPU: 1 x dual-core 2 GHz CPU (32 or 64 bit)
- Memory: 2 GB RAM (4 GB RAM recommended)
- OS: Windows, Red Hat ES 5, Red Hat ES 6, Red Hat ES 7, Mac
- Hard Drive: 20 GB HDD
基於雲端的弱點風險管理平台
透過適用於當今現代資產(雲端、容器、Web 應用程式等)的首款弱點風險管理平台保護您的環境。兼顧 IT 和 OT 安全性,實現完整可視化。
弱點風險管理
透過一種全新的、基於資產管理的方法,在持續變化的環境中最大限度涵蓋您不斷發展的資產和弱點,讓您清楚得知安全狀態。
Container 安全性
在 Container 影像開發時即提供對其安全性狀態的全面可視化,從而在 Container 部署之前實現弱點評估、惡意程式碼偵測、策略實施和修復。
Web 應用程式掃描
透過安全弱點掃描,獲得對 Web 應用程式安全性的可視化,並具有高偵測率,以確保您瞭解您的 Web 應用程式中的真正風險。
整合的應用程式
Tenable.io 提供多個應用程式,以解決您最棘手的安全性挑戰,如 弱點風險管理、容器安全性、Web 應用程式掃描,且即將推出其他更多項目。應用程式建構在一個通用平台上,利用 Nessus® 感應器、API 和 SDK,且可透過單一介面存取,使啟動新應用程式更容易,並能立即帶來生產力。
Container 安全性
作為提供整合 Container 安全性功能的唯一弱點風險管理解決方案,Tenable.io 持續監控 Container 影像的弱點、惡意程式碼和企業策略合規性。透過預先將安全性納入 Container 建構過程,組織可以獲得對 Container 中隱藏風險的可視化,在進入生產之前對其進行修復,並確保 Container 影像符合企業 IT 安全性策略,而不會拖延創新週期。
全面的掃描選項
其中包含的 Nessus 感應器能夠最大化掃描涵蓋和減少弱點盲點。主動和代理掃描,以及被動流量偵聽都包括在內,無需額外費用。主動式掃描提供最廣泛的資產和弱點涵蓋,基於代理的掃描和被動流量偵聽,則涵蓋難以掃描的資產,如瞬態裝置和敏感主機,如醫療或工業控制裝置。
資產追蹤
Tenable.io 採用進階資產識別演算法,可以精確定位您的環境中每個資源的真實身分-甚至是筆記型電腦、虛擬機器和雲端執行個體等動態資產。此演算法使用一組廣泛的屬性來準確追蹤資產的變更,無論它們如何漫遊或持續多長時間。
記錄的 API 和整合的 SDK
輕鬆整合和自動化功能與弱點資料的共用,或者建構在 Tenable.io 平台上,利用完全記錄的 API 集合和 SDK。使用這些工具可最大限度提高弱點資料的價值,無需額外成本。
有正常執行時間保證的 SLA
Tenable 提供弱點風險管理,透過 Tenable.io 的一個強大服務等級協定 (SLA),實現業界首個正常執行時間保證。若 SLA 並為實現,則提供服務信用額度,如同領先的雲端供應商,如 Amazon Web Services 等的作法。
|
|
Nessus Manager |
Nessus Cloud |
SecurityCenter |
SecurityCenter CV |
|
|---|---|---|---|---|---|
|
弱點掃描和評估 |
✔ |
✔ |
✔ |
✔ |
✔ |
|
掃描排程 |
✔ |
✔ |
✔ |
✔ |
✔ |
|
合規檢查 |
✔ |
✔ |
✔ |
✔ |
✔ |
|
惡意程式碼檢測 |
✔ |
✔ |
✔ |
✔ |
✔ |
|
威脅情報 |
✔ |
✔ |
✔ |
✔ |
✔ |
|
Web 應用程式掃描 |
✔ |
✔ |
✔ |
✔ |
✔ |
|
SCADA 外掛程式 |
✔ |
✔ |
✔ |
✔ |
✔ |
|
敏感資料搜尋 |
✔ |
✔ |
✔ |
✔ |
✔ |
|
PCI 內部弱點掃描 |
✔ |
✔ |
✔ |
✔ |
✔ |
|
PCI 外部弱點掃描(ASV 認證) |
✔ |
||||
|
基本報告與靜態儀表板 |
✔ |
✔ |
✔ |
||
|
可自訂的報告、儀表板與 Assurance Report Cards |
✔ |
✔ |
|||
|
集中式掃描與掃描策略管理 |
✔ |
✔ |
✔ |
✔ |
|
|
共用掃描資源 |
✔ |
✔ |
✔ |
✔ |
|
|
群組與角色型存取 |
✔ |
✔ |
✔ |
✔ |
|
|
行動裝置管理整合 |
✔ |
✔ |
✔ |
✔ |
|
|
修補程式管理系統整合 |
✔ |
✔ |
✔ |
✔ |
|
|
認證管理系統整合 |
✔ |
✔ |
✔ |
✔ |
|
|
代理型掃描 |
✔ |
✔ |
✔✱ |
✔✱ |
|
|
漏洞分析 |
✔ |
✔ |
|||
|
故障問題指派和後續追蹤 |
✔ |
✔ |
|||
|
包含政策型群組方式的動態資產清單 |
✔ |
✔ |
|||
|
Assurance Report Cards |
✔ |
✔ |
|||
|
角色型掃描區與存放庫存取 |
✔ |
✔ |
|||
|
趨近即時的資產發現與持續的網路流量剖析 |
✔ |
||||
|
主機活動監測與分析 |
✔ |
||||
|
趨近即時的異常行為偵測與分析 |
✔ |
*需要適用於管理的 Nessus Manager 或 Nessus Cloud。
SecurityCenter
Streamline Vulnerability Scanning, Administration, and Reporting
For organizations with large and complex networks, SecurityCenter combines the power of Nessus® scanning with an enterprise-class vulnerability management platform. SecurityCenter:
- Simplifies administration using a single console that manages distributed Nessus scanners for enterprise-wide security and compliance visibility
- Accelerates scans with distributed and load balanced scanning, using a centralized database for faster and more efficient scans
- Delivers advanced analytics including extensive dashboards, built-in and customizable reports that aggregate scan data to help you identify and respond to security and compliance issues
SecurityCenter Continuous View
Enterprise Platform Upgraded
SecurityCenter Continuous View identifies systems that are vulnerable, currently being exploited or have already been compromised.
Using a unique combination of active scanning, passive detection, and log analysis, our integrated platform discovers and classifies 100 percent of IT assets, including mobile, virtual and cloud systems, with deployment options that accommodate all network architectures.
Security and compliance analysts get real-time dashboards with drill-down detail for precision remediation, faster incident response and forensic analysis to minimize risk, loss, and compliance violations.
版本比較
|
SecurityCenter
|
SecurityCenter Continuous View
|
|
|
Unlimited active scanning with Nessus
|
Yes
|
Yes
|
|
Industry's largest vulnerability database, with plugins updated daily
|
Yes
|
Yes
|
|
Extensive compliance reporting and auditing
|
Yes
|
Yes
|
|
Customizable dashboards
|
Yes
|
Yes
|
|
Supports IPv6 address space
|
Yes
|
Yes
|
|
LDAP access
|
Yes
|
Yes
|
|
Mobile device detection and scanning
|
Yes (via Nessus)
|
Yes (continuous)
|
|
Real-time asset discovery
|
Yes
|
|
|
Patented passive vulnerability scanning and network analysis
|
Yes
|
|
|
Database monitoring
|
Yes
|
|
|
Encryption detection
|
Yes
|
|
|
Cloud application usage detection
|
Yes
|
|
|
Third-party intelligence enrichment
|
Yes
|
|
|
Malware detection and attack paths analysis
|
Yes
|
|
|
Statistical profiling for anomaly detection and event correlation
|
Yes
|
|
|
Stores, compresses and searches logs from thousands of network devices and applications
|
Yes
|
|
|
Aggregate and normalize data from FWs, IDS/IPS, and DLP solutions, raw network traffic, NetFlow, application logs, user activity, etc.
|
Yes
|
Log Correlation Engine
Find Actionable Context in Your Data
- Normalize, correlate, and analyze event log data from a single console
- Store, compress, and perform full-text search for rapid attack analysis
- Demonstrate compliance with internal and external mandates efficiently
- Continually assess your security and compliance posture through flexible reporting and consistent metrics
Nessus Manager and Nessus Professional 系統需求
|
Operating System |
Supported Versions |
|---|---|
|
Linux |
|
|
Windows |
|
|
Mac OS X |
Mac OS X 10.8, 10.9, 10.10, 10.11, and 10.12 - x86-64 |
The following chart outlines some basic hardware requirements for operating Nessus:
|
Scenario |
Minimum Recommended Hardware |
|---|---|
|
Nessus managing up to 50,000 hosts |
CPU: 1 dual-core 2 GHz CPU Memory: 2 GB RAM (4 GB RAM recommended) Disk space: 30 GB |
|
Nessus managing more than 50,000 hosts |
CPU: 1 dual-core 2 GHz CPU (2 dual-core recommended) Memory: 2 GB RAM (8 GB RAM recommended) Disk space: 30 GB (Additional space may be needed for reporting) |