Encryption Strength
Tenable Network Monitor uses the following default encryption for storage and communications.
Note: If your organization requires that your instance of Tenable Network Monitor meets National Information Assurance Partnership (NIAP) standards, certain settings may be configured differently than the following information. For more information, see Configure Tenable Network Monitor for NIAP Compliance
|
Function |
Encryption |
|---|---|
|
Storing user account passwords |
SHA-512 and the PBKDF2 function with a 512 bit key |
|
Database encryption |
OFB-AES-128 XTS-AES-256 when configured for NIAP compliance. |
|
Passphrase for SSL browser certificates |
Tenable Network Monitor does not store passphrases for any certificates. For information on how OpenSSL encrypts and stores passphrases for SSL certificates, see the OpenSSL documentation. |
|
Communications between Tenable Network Monitor and clients (Tenable Network Monitor user interface users). |
TLS 1.2 with the strongest encryption method supported by Tenable Network Monitor and your browser. For information on cipher suites used, see Enable Strong Encryption. |
|
Communications between Tenable Network Monitor and the Tenable product registration server |
TLS 1.2 with ECDHE-RSA-AES256-GCM-SHA384. |
|
Communications between Tenable Network Monitor and the Tenable plugin update server |
TLS 1.2 with ECDHE-RSA-AES256-GCM-SHA384. |