This document describes many of the changes that are included in SecurityCenter 4.6.2, as well as significant enhancements and notes for upgrading. A PDF file of these release notes is also available here.
Upgrades are only supported for those users running SecurityCenter 4.2.0 and later. Users upgrading from 4.0.x must first perform an upgrade to SecurityCenter 4.2 or 4.4 before attempting to install version 4.6. Please refer to the SecurityCenter 4.2 Upgrade Guide or SecurityCenter 4.4 Upgrade Guide for information about upgrading to SecurityCenter 4.2 or 4.4. Information about upgrading from SecurityCenter 4.2.0 and later is available in the SecurityCenter 4.6 Upgrade Guide.
SecurityCenter now only supports Nessus scanners 4.2 or later. In addition, if SecurityCenter leverages the Log Correlation Engine (LCE) for log processing, the LCE must be running a minimum of version 3.6.1 for compatibility purposes.
The command syntax for an RPM upgrade is as follows:
# rpm -Uvh [RPM Package File Name]
File Names & MD5 Checksums
Changes and New Features
- Publishing Sites – This new feature allows users to move reports from SecurityCenter to a third-party system. Users can configure the reports to be published automatically, or can manually push the report when needed. The following two types of publishing methods are introduced in SecurityCenter 4.6.2:
- CMRS – This publishing is used strictly to support a particular project, and will export the new ARF and ASR reports. This method uses WS-Notify and is specifically designed to work for that system.
- HTTP Publishing – This publishing is what all other users can use to publish any report that SecurityCenter can produce today. It uses a simple HTTP POST and utilizes BASIC Auth.
- Repository Splitting – For very large customer deployments, there are times when Repository size limits hits its 4GB threshold. SecurityCenter 4.6.2 introduces a command-line tool that allows users to split a portion of their Repository, and move the data into a new Repository. The user will have to go through Tenable Support in order to get access to this tool.
- Links to Dashboard/Reporting blog – To help new or uninformed users with all the content provided by Tenable, we have introduced links that point users to canned Dashboard and Report templates posted on the Tenable blog.
- Enabled v2 data download by default on new installs – On new installs we now by default only download Nessus v2 data. This is a more efficient means for the SecurityCenter to import scan results from Nessus. There is a global setting to enable v1 and/or disable v2. Under most circumstances, all users are recommended to disable v1 and only offer v2 options after an upgrade.
- The Reporting/Scanning tab settings in the Admin interface offers the option to enable or disable a variety of reporting types that are encountered and needed only in specific situations.
- Generate an ASR report – This feature provides the ability to generate an Assessment Summary Report (ASR) (for use only projects that require this reporting format)
- Generate an ARF report – This feature provides the ability to generate an Asset Reporting Format report (ARF) (for use only projects that require this reporting format)
- Define operational attributes for reports – SecurityCenter 4.6.2 provides the ability to define operational attributes that are used to help define the content in an ARF/ASR report. This feature allows you to generate a report based on those attributes. (for use only projects that require this reporting format)
- Generate a CyberScope report – This feature provides the ability for SecurityCenter to generate a CyberScope/LASR report directly from the application. Previously, the xTool utility was needed to connect to SecurityCenter, pull the data, and generate the report.
- Fixed an issue where a user could not select or de-select an Asset that was in an Asset Group
- Resolved the issue where, in certain circumstances, deleting a Repository did not re-calculate IP count against the license.
- Fixed an issue that, while in LCE mode, the Load Template form contained a repository listbox.
- Many other minor improvements and bug fixes.
This release fixes various bugs.
Changes and New Features
- Importing Vulnerability data from LCE - SecurityCenter has added the ability to import vulnerability data that has been derived via logs through the Log Correlation Engine. This feature will not be usable until the release of LCE v4.2.
- SecurityCenter to Nessus communication compression - The SSL communication between SecurityCenter and Nessus will now be compressed. In the past, the transfers of scan results were sent uncompressed. Compressing data aids in environments with slow links between the SecurityCenter and scanners.
- Support for Palo Alto Compliance check - Nessus has added the ability to scan Palo Alto firewalls. This addition allows for the checks to be managed from the SecurityCenter as well.
- Optimization of Dynamic Asset List calculation - Enhancements have been made to improve the performance when creating Dynamic Asset Lists.
- Upgrade of Apache - There were vulnerabilities found in the version of Apache that was running on the previous versions of SecurityCenter. While SecurityCenter was not using any of the vulnerable modules, we upgraded to the latest version of Apache to stay current.
- Fixed the issue of stale scan jobs remaining in the UI, even after the job has been killed.
- Fixed the bug where DNS and LDAP assets where not being updated nightly.
- Resolved the issue of duplicate tabs on the dashboard.
- Removed the errors in the admin log when creating a new Orghead
- Addressed the issue when creating a report with an Iterator is launched via a scan and it is not using the IPs from the scan result.
- Fixed the issue where report filters in elements under Sections, Groups, or Iterators would become corrupt after it was launched via scan.
- Resolved the issue when editing a matrix cell on the dashboard caused the following error to appear "<x> correction(s) required. Condition: A matching condition already exists in the definition".
- Fixed the bug that occurred when editing an RTF report added a report image to the cover page when it should not have.
- Re-added the “Total IPs” to the scan results page. This was mistakenly removed in the previous release.