SecurityCenter 5.0 represents more than 15 man-years of engineering and design work. Tenable has worked closely with over 100 of our customers to understand how we can help them succeed in their security efforts. Consequently, we have re-imagined almost everything inside of SecurityCenter 5.0, including the user experience, data optimization, reporting, and APIs. We believe these improvements are critical to ensure customers have the visibility and analysis needed to identify vulnerabilities, reduce risk, and ensure compliance.
This document describes many of the changes that are included in SecurityCenter 5.0, as well as significant enhancements and notes for upgrading. A PDF file of these release notes is also available here.
Upgrades to SecurityCenter 5.0 are only supported for those users currently running SecurityCenter 4.8 or higher. Users running previous versions will need to follow the upgrade path up to at least 4.8 before attempting to upgrade to SecurityCenter 5.0. Please refer to the SecurityCenter 5.0 Upgrade Guide for information on upgrading to SecurityCenter 5.0.
SecurityCenter 5.0 only supports Nessus scanners 6.3.6 or higher. The Passive Vulnerability Scanner must be version 4.0 or higher. In addition, if SecurityCenter leverages the Log Correlation Engine (LCE) for log processing, LCE 4.2 or higher is required for complete feature compatibility.
Note: with the change in API architecture (see below), all APIs created using SecurityCenter 4.x have been deprecated. Please log in to the Tenable Support Portal and access SecurityCenter 5.0 API Release Notes for additional details.
The command syntax for an RPM upgrade is as follows:
# rpm -Uvh [RPM Package File Name]
File Names & MD5 Checksums
5.0 New Features
- HTML5 UI - The entire UI has been completely transitioned to HTML5, providing a fast and flexible interface and a more rich user experience.
- Assurance Report Cards - These report types will allow clients to focus on measuring their success when aligning to business objectives.
- Audit File Updates via Feed - Tenable's extensive configuration and system hardening polices are now available as part of the feed. This includes inline Audit File configuration, which will simplify setup and allow for greater visibility in a client's environment.
- Scan Policy Updates via Feed - In addition to the Audit Files, SecurityCenter 5.0 also now includes scan policy templates, available as part of the feed.
- Blackout Windows - Blackout Windows can now be specified per asset or per IP instead of system wide. This granularity will give clients the flexibility to skip certain devices, while continuing to collect information on the rest of the hosts.
- Data Pivoting - SecurityCenter and SecurityCenter Continuous View clients will now be able to quickly transition to different views of data to quickly diagnose and analyze issues.
- 32 Gigabyte Repositories - These new larger repositories will help simplify deployments and ensure all possible data can be collected.
- Improved Disk Utilization - SecurityCenter 5.0 now allows administrators to control the length of time of trend information stored per repository. This new granularity will ensure proper data retention and that disk space is controlled overall.
- Increased Filtering Capabilities - SecurityCenter 5.0 includes the ability to filter on CVSS Vector, cross-reference, and exploit frameworks for vulnerability analysis, dashboards, and reports. Event analysis has been enhanced to include Summary by Source IP, Summary by Destination IP, and Connection Summary. This increased filtering capability gives users new ways to analyze their data.
- Trending Calculations - In addition to the improvements in disk utilization, trend calculations will be calculated using newly created data differentials. This change will improve the initial time to calculate while ensuring the most accurate view of data over time.
- Improved SSH Credential Support - SecurityCenter 5.0 allows scan jobs to use up to 5 SSH username and password combinations per job. This will simplify scan management and help insure the most complete assessment of each device.
- RESTful API - This API update will provide a more flexible and well defined programmatic access to the SecurityCenter 5.0 application.
- LCE Client Management Improvements - SecurityCenter 5.0 allows greater flexibility in the creation and distribution of client polices. This new simplified method will help users ensure the greatest possible coverage overall.
- UTF-8 Character Support - This enables internationalization/localization for reporting.