TOC & Recently Viewed

Passive Vulnerability Scanner 5.2 Release Notes - 12/12/2016

Note: Passive Vulnerability Scanner (PVS) is now known as Nessus Network Monitor (NNM).

This document describes the new features and improvements that are introduced in PVS 5.2. A PDF file of these release notes is also available here.

Upgrade Notes

  • Upgrades from 4.2.1, 4.4.1, and 5.0.0 to 5.2.0 are supported. Installations running previous versions of PVS 4.2.1 must upgrade to at least 4.2.1 prior to upgrading to PVS 5.2. Refer to the PVS 5.2 User Guide for details on upgrading to PVS 5.2.
  • PVS 5.2 is compatible with SecurityCenter 4.7.x and later.
  • The HTML5 User Interface is automatically updated to version 1.8.0 via a plugin update.

Supported Platforms

Support is available for the following platforms:

  • Red Hat Linux ES 5 / CentOS 5 64-bit
  • Red Hat Linux ES 6 / CentOS 6 64-bit
  • Red Hat Linux ES 7 / CentOS 7 64-bit
  • macOS 10.9 - 10.12 64-bit
  • Microsoft Windows Vista, 7, 8, Server 2008, and Server 2012 64-bit

File Names & MD5 Checksums

File MD5
pvs-5.2.0-es5.x86_64.rpm 14a78600769825d3a9f047b006f22c5d
pvs-5.2.0-es6.x86_64.rpm abbb0eea84e0522fef5c269d45de1bfd
pvs-5.2.0-es7.x86_64.rpm 19e7904fa769f5f1a1ca3659b4b6066e
pvs-5.2.0-osx.dmg 86ac1eb1ffa907cd667455d3088540d5
pvs-5.2.0-x64.exe 40b17d33954ed1a3c26f4daa9cdea461

What's New

New SCADA Analysis Module
PVS includes a new analysis module that analyzes SCADA network traffic to discover SCADA assets and their vulnerabilities. This module provides the same capabilities as SCADA plugins that are loaded by PVS versions older than 5.2, with improved performance. In addition, the module provides deep visibility into the type of SCADA devices discovered. This module is enabled by default and can be disabled in environments that do not contain SCADA devices.

New SCADA Top-N charts
The following charts have been added to the dashboard in the PVS client and provide a high-level summary of SCADA assets, their vulnerabilities, and protocols used by them. The charts are disabled by default.

  1. SCADA Vulnerability Distribution by Severity
  2. Top 10 SCADA Hosts
  3. SCADA Host Distribution by Protocol
  4. SCADA Host Distribution by System Type

New Connection Analysis Module
The connection reporting features of the Tenable Network Monitor (TNM) are now available within PVS as part of a new Connection Analysis module. This module eliminates the need for TNM to obtain connection duration and bandwidth information, and extends the platform support to all platforms supported by PVS. Connection duration and bandwidth reporting for IPv6 and tunneled traffic is a new addition and also available with this module. This module is disabled by default.

Improved PVS 10G performance
PVS now uses a new high-performance regular expression matching library for pattern matching when analyzing network traffic in high performance mode.

Improved VLAN reporting for hosts
PVS includes the ID of the VLAN a host lies within, in the report sent to SecurityCenter. The PVS client includes support for a user to query hosts by VLAN ID and also reports the VLAN ID within the host's detail view.

Support for macOS 10.10, 10.11, and 10.12
PVS 5.2.0 supports macOS versions 10.9 to 10.12.

Additional Improvements

  • HTML reports now include an option to include an Executive Summary chapter. This chapter contains the following sub-sections: Top 10 Vulnerabilities by Count, Top 10 Most Severe Vulnerabilities, Top 10 Hosts with Most Severe Vulnerabilities, and Hosts with Obsolete Operating Systems.
  • Fixed an issue where PVS may stop processing packets in High Performance Mode (10G PVS) in a VM deployment on high bandwidth networks.
  • The Events view in the PVS client includes byte transfer size details for connection events.
  • The number of worker threads can be configured to a maximum of 16 in high performance mode.
  • The SQLite version used by PVS has been upgraded to 3.13.0.
  • The OpenSSL version used by PVS has been upgraded to 1.0.2j.
  • The jQuery UI version used by PVS has been upgraded to 1.12.0.
  • The Expat version used by PVS has been upgraded to 2.2.0.

Copyright 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.