Security Center 3.4.5 Release Notes
Watch the Security Center 3.4.5 Release Video by Tenable CTO, Ron Gula.
The following list describes many of the changes that are included in Security Center version 3.4.5, the significant issues that have been resolved and notes for upgrading. A PDF file of these release notes is also available here.
Starting with Security Center 3.4.5, if Security Center exceeds its license key IP limit, only administrator logins are allowed with limited functionality. An opportunity is given to upload a new license key to accommodate the excess IP count and restore functionality. Contact email@example.com to obtain a new license key if necessary.
As with any application, it is always advisable to perform a backup of your Security Center installation before upgrading.
Upgrading from 3.4.x
There are no special upgrade notes for those users running Security Center 3.4.0 or later. The command syntax for an RPM upgrade is as follows:
# rpm -Uvh <RPM Package File Name>
Bundled third-party products updated include newer versions of: Apache, libpng, PHP and SQLite.
Support has been added for the enhanced web application testing settings introduced with recent Nessus plugin modifications. It is important to understand the following requirements for web application test scans:
- Only one web server can be scanned per web application test.
- Scanned hosts must be specified within the Security Center scan page in the following format: [IP:domain_name] or [IP:hostname]. An example of a scanned system would be:
New Scan options:
Web Application Test Settings:
- Enable Web Application Tests
- Send POST Requests
- HTTP Parameter Pollution
- Test embedded web servers
- Maximum Run Time (min)
- Combos of arguments values
- Stop at first flaw
More information can be found at: http://blog.tenablesecurity.com/2009/06/enhanced-web-application-attacks-added-to-nessus.html.
The following new reporting templates have been added:
- Windows Patch Summary Per Host.xml - filters on plugin 38153 for a concise list of hosts that have missing SMB patches and which patches are missing.
- Scanned Hosts in Last 90 Days.xml - lists all hosts with a completed scan in the last 90 days
- Scanned Hosts in Last 30 Days.xml - lists all hosts with a completed scan in the last 30 days
- Scanned Hosts in Last 7 Days.xml - lists all hosts with a completed scan in the last 7 days
- CCE Configuration Summary.xml - Summary of all Nessus compliance checks that contain "CCE" in their name. This report will summarize the compliant and non-compliant hosts with respect to the FDCC and other SCAP style audits.
- CCE Configuration Report.xml - Report of all Nessus compliance checks, tested hosts, tested Windows servers and raw test results that contain "CCE" in their name. This report will detail the compliant and non-compliant hosts with respect to the FDCC and other SCAP style audits.
- PCI Configuration Summary.xml - Summary of all Nessus compliance checks that contain "PCI" in their name. This report will summarize the compliant and non-compliant hosts with respect to the PCI audit policies maintained by Tenable.
- PCI Configuration Report.xml - Report of all Nessus compliance checks, tested hosts, tested Windows servers and raw test results that contain "PCI" in their name. This report will detail the compliant and non-compliant hosts with respect to the PCI audit polices maintained by Tenable.
- Scan results import process improved - The cumulative database (HDB) will no longer be converted to .nessus during scan imports. The HDB conversion will occur as part of the nightly processes.
- SSH/LCE connection reduction - performance improvement
- Change default refresh time for Nessus from one to 12 hours
- Increased the email size limit to 16MB
- Security Center is now officially supported on CentOS 5
- First seen and last seen dates being shown for scan and new scan results (requires browser cache to be cleared after upgrade)
- Delete Static Assets menu item's name has changed to Static Asset List Add/Edit/Delete (See New Screen)
- Plugin IDs report filter (now accepts up to 16 plugin IDs vs. four)
- PSM should be able to edit contents of a static asset range
- Choosing an Asset List & an adhoc IP causes scan to fail
- Sourcefire modified download process of Snort rules requiring change to snort_update.pl (version 2.8 Snort ruleset support).
- Option to enable/disable Build splash screen from Admin login
- Total Active IP count now correctly includes hosts scanned for compliance checks.
- Policy plugin load page speed and stability improved.