TOC & Recently Viewed

Passive Vulnerability Scanner 5.0 Release Notes - 2/16/2016

Note: Passive Vulnerability Scanner (PVS) is now known as Nessus Network Monitor (NNM).

This document describes the new features and improvements that are introduced in PVS 5.0. A PDF file of these release notes is also available here.

Upgrade Notes

  • The supported upgrade path is from PVS 4.4.x to PVS 5.0. Installations running previous versions of PVS 4.4.x must upgrade to at least 4.4.x prior to upgrading to PVS 5.0. Refer to the PVS 5.0 User Guide for details on upgrading to PVS 5.0.
  • PVS 5.0 is compatible with SecurityCenter 4.7.x and later.
  • The HTML5 User Interface is automatically updated to version 1.6.0 via a plugin update.

Supported Platforms

Support is available for the following platforms:

  • Red Hat Linux ES 5 / CentOS 5 64-bit
  • Red Hat Linux ES 6 / CentOS 6 64-bit
  • Red Hat Linux ES 7 / CentOS 7 64-bit
  • Mac OS X 10.8 and 10.9 64-bit
  • Microsoft Windows Vista, 7, 8, Server 2008, and Server 2012 64-bit

The Microsoft Visual C++ 2010 Redistributable Package is a prerequisite that needs to be installed on Windows before installing PVS. Refer to the documentation for more information.

File Names & MD5 Checksums

File MD5
pvs-5.0.0-es5.x86_64.rpm 56a0f25f8ebe73f8acb091be48670a83
pvs-5.0.0-es6.x86_64.rpm 59141a09d4e01ec9f14a6400557ec2d3
pvs-5.0.0-es7.x86_64.rpm 141d18f62a48fbbcf8fcbd6e3e32a015
pvs-5.0.0-osx.dmg e8dd8a8469bb568b3fb677163aab2ce9
pvs-5.0.0-x64.exe 7d7dfdc158fe0d9644b3cfc72e7510c1

What's New

Improved User Interface

PVS 5.0 includes a much improved interface that provides a summarized dashboard seen after login amongst other new features. The dashboard contains multiple high-level summarized views into hosts, vulnerabilities, applications, operating systems, connections, and mobile devices discovered by PVS. Other additions include:

  • A chord diagram is available that visualizes the client connections to servers on well-known ports.
  • A network bandwidth chart trends the amount of data sent from client hosts to server hosts and vice versa.
  • Improved navigation between client and server hosts, and new pivoting capabilities on any host.
  • A Sankey diagram that provides a view of connections between client and server hosts by either host or by network service.

Improved VLAN Monitoring

A new Plugin (ID 19) summarizes all observed VLAN tags for a given host. This helps determine if a host has switched VLANs or is present on an incorrect or unexpected VLAN.

Detection and Analysis of Tunneled IPv6 Traffic

In addition to reporting the presence of tunneled IPv6 traffic, PVS now processes the IPv6 traffic within the tunnel. Teredo, 6to4, and 6in4 tunnel detections are now summarized in a single plugin (ID 20) and other detections will be associated to the IP addresses found within the tunneled traffic.

Increased Analysis of IPv6 Traffic

PVS now detects the presence of IPv6 headers and performs a complete analysis of IPv6 packets that contain extension headers.

Discovery of Applications within Encrypted Traffic

PVS increases application visibility by using TLS fingerprinting to discover applications whose traffic is encrypted.

Extended Packet Filtering

PVS provides more targeted packet filtering by extending its BPF filter support.

Additional Improvements

  • Added HTTP Strict Transport Security (HSTS) headers to the PVS Web Server.
  • Replaced initial certificates signed with the SHA1 hashing algorithm with certificates signed with SHA-256.
  • PVS now displays both successful and unsuccessful last logon attempts immediately after login. Previously, only unsuccessful attempts were shown.
  • Fixed an issue where SecurityCenter would continually report PVS status as "Updating Plugins".
  • Extended an interval after which PVS needs to be reactivated if it has not received plugin updates from SecurityCenter during that interval. The interval has been extended from 14 days to 30 days.
  • Replaced a PASL (ID 7043) with an internal plugin (ID 18) for summarized reporting of protocols used by hosts.
  • Upgraded OpenSSL to 1.0.2f.

Copyright 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.