TOC & Recently Viewed

Recently Viewed Topics

Nessus Network Monitor 5.8.1 Release Notes - 2019-03-28

New Features

Note: These new features are only available with an Industrial Security subscription and are available only when NNM is connected to Industrial Security.

The following are new OT-related features included in NNM 5.8.1:

  • Expansion of ICS asset detections to include:
    • 358 newly supported Emerson/DeltaV Devices

    • 91 newly supported Siemens Devices

  • Expansion of OT vulnerability detections to include:
    • 77 newly supported ICS-specific vulnerability detections

  • Expanded OT protocol detections to include:

    • Full parsing, protocol detection and device detection for Emerson ROC and Yokogawa HLLS Protocol.

  • Port-based Protocol Detection for:

    • Emerson DeltaV Protocol (UDP Port 18507)

    • Emerson ROC Protocol (TCP Port 4000)

    • Moxa Protocol (TCP Port 4502, UDP Port 4800, TCP Port 4900)

    • Omron FINS Protocol (TCP Port 9600, UDP Prot 9600)

    • RedLion Crimson Protocol (TCP Port 789)

    • Rockwell PCCC/CSP (TCP Port 2222)

    • Schneider TriStation Protocol (UDP Port 1502)

    • Siemens Logo! Protocol (TCP Port 10001, TCP Port 10005)

    • Siemens S7 Protocol (TCP Port 102)

    • Yokogawa HLLS Protocol (UDP Port 12289, TCP Port 12289)

    • Yokogawa RPS Protocol (UDP Port 12290, TCP Port 12290)

Changed Functionality and Performance Enhancements

The following functionality has been changed in NNM 5.8.1:

  • For NNM instances connected to Industrial Security, the default Report Frequency has been changed to 5 minutes (from 15 minutes). This ensures a minimal amount of time is required to begin receiving data to IS, and remains a configurable setting from within the UI or from the CLI.

  • For all NNM instances, PII Obfuscation was extended to cover realtime logging and syslog logging. If a detection classified as potentially containing PII reports via either realtime logs or syslogs, the buffer will now be obfuscated by default. In line with changes made in NNM 5.8.0, this obfuscation can be disabled for stand-alone NNM instances only. It cannot be disabled for NNM instances connected to other Tenable products.

For more information about the features and functionality supported in this release, see the NNM 5.8.x User Guide.

Supported Platforms

Support is available for the following platforms:

  • Red Hat Linux ES 5 / CentOS 5 64-bit
  • Red Hat Linux ES 6 / CentOS 6 64-bit
  • Red Hat Linux ES 7 / CentOS 7 64-bit (NEW! Support for RH/CentOS Version 7.6 through kernel version: 3.10.0-957)
  • MacOS 10.9 - 10.13 64-bit
  • Microsoft Windows Vista/7/8/10 and Windows Server 2008/2012/2016 (all 64-bit)

Upgrade Notes

Note: If your upgrade path skips versions of Nessus Network Monitor, Tenable recommends reviewing the release notes for all skipped versions. You may need to update your configurations because of features and functionality added in skipped versions.

Be Advised:

  • Upgrades from 4.2.1, 4.4.1, 5.0.0, and 5.2.0 to 5.4.1 are supported. Installations running previous versions of NNM 4.2.1 must upgrade to at least 4.2.1 prior to upgrading to NNM 5.8.1 - Refer to the NNM 5.8.0 User Guide for details on upgrading to NNM 5.8.1.
  • NNM 5.8.1 is compatible with SecurityCenter 4.7.x and later.
  • NNM 5.8.1 is compatible with Industrial Security 1.3.2 and later.
  • The NNM Web Server and NNM HTML5 User Interface are each automatically updated to version 2.4.1 via a plugin update.

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.