You are here: Virtual Switches for Use with PVS

Virtual Switches for Use with PVS

The Tenable PVSPassive Vulnerability Scanner monitors network traffic at the packet layer to determine topology and identify services, security vulnerabilities, suspicious network relationships, and compliance violations.

PVS provides visibility into both server and client-side vulnerabilities, discovers the use of common protocols and services (e.g., HTTP, SQL, file sharing), and performs full asset discovery for both IPv4 and IPv6, and even on hybrid networks.

Virtualization of server rooms provides an added challenge to monitoring the network. Communication between VMs within the virtual switch is not monitored by the standard monitoring tools on the physical network since traffic between VMs does not route to the physical switch. PVS provides the ability to passively scan virtual network traffic between VMs that are in the same virtual switch as a deployed PVS VM.

This section provides an overview of the standard methods to configure the virtual switches in various systems to provide PVS with a SPAN or mirror port to gather data from inside the virtual network between VMs. While some platforms provide the ability to send monitored traffic to a remote host, the guidance provided in this document describes an environment where PVS is configured on a VM within the virtual switch cluster. The exact desired options may vary based on local monitoring requirements. The platform use to generate the technical steps in this document was configured with the most recent versions of the software. If you are using older or newer software revisions, some of these steps may vary.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.