SecurityCenter 5 represents more than 15 person-years of engineering and design work. The Tenable SecurityCenter team worked closely with more than 100 SecurityCenter customers to understand how to best support cyber security programs and help them succeed. Based on this direct customer feedback, the SecurityCenter engineering team has re-imagined and improved almost everything in the SecurityCenter 5 solution including data optimization, reporting, APIs, and the user experience. Tenable believes these improvements will help ensure you have the visibility and analytical capabilities needed to identify vulnerabilities, reduce risk, and ensure compliance.
This document describes many of the changes that are included in SecurityCenter 5.1, as well as significant enhancements and notes for upgrading. A PDF file of these release notes is also available here.
New Features and Enhancements
With the release of SecurityCenter 5.1, SecurityCenter now supports importing Nessus agent results, a feature many SecurityCenter and SecurityCenter Continuous View (SecurityCenter CV) customers have requested.
SecurityCenter 5.1 also now further extends visibility into vulnerabilities and misconfigurations across the enterprise by automating the importation of scan data from Nessus agents deployed on transient or remote systems. Nessus agents deliver the detailed visibility of credentialed scans without the requirement to manage the credentials needed for traditional active scanning. Nessus agents send scan information to Nessus Cloud or Nessus Manager. SecurityCenter then automatically retrieves this information for centralized vulnerability management, analysis, and comprehensive security assurance.
Nessus agents specifically eliminate blind spots by:
- Securing the Mobile Workforce – You no longer have to worry about omitting assets that are not online during a vulnerability scan. Nessus agents run the scans and then upload results to Nessus Cloud or Nessus Manager when a connection is available. Results are retrieved by SecurityCenter and SecurityCenter CV from Nessus Cloud or Nessus Manager on a scheduled or on-demand basis.
- Securing Systems on Complex or Limited Bandwidth Networks – Nessus agents remove the challenge of performing scans over segmented or complex networks and reduce network bandwidth usage, which is important for remote facilities connected by slow networks.
- Removing Credential Headaches – Many organizations struggle with credential management due to regular password change policies. With Nessus agents, host credentials are no longer required, removing the need for password resets and maintenance of privileges on assets.
The list of operating systems supported by Nessus agents currently includes Windows, Mac OS X, Amazon, Debian, Red Hat, Fedora, and Ubuntu Linux variants, and this list will continue to grow. For more information about Nessus agents, please see the following resources:
- SecurityCenter 5.1 with Nessus Agent Support paper
- SecurityCenter 5.1 with Nessus Agents FAQ
- Nessus Agents FAQ
- Nessus Agents webpage
- Nessus Agents whitepaper
Before You Upgrade
If you are planning an upgrade from SecurityCenter 4.x, due to the many enhancements and changes made in the SecurityCenter 5 solution, Tenable strongly encourages you to install and test the latest version of SecurityCenter in a pre-production environment prior to upgrading in your production environment to ensure the new workflows and enhancements are compatible with your current workflows. To receive an evaluation key that will allow you to install SecurityCenter in a pre-production environment for evaluation, log in to the Tenable Support Portal and click "Activation Codes". Under SecurityCenter, you will see a link to download a demo key for the SecurityCenter 5 solution.
Upgrades to SecurityCenter 5.1 are only supported for SecurityCenter installations currently running SecurityCenter 4.8.1 or later. Installations running previous versions of SecurityCenter 4.x must upgrade to at least 4.8.1 prior to upgrading to SecurityCenter 5.1. For more information about upgrading to SecurityCenter 5.1, refer to the SecurityCenter 5.1 Upgrade Guide.
If you are using Nessus agents, SecurityCenter 5.1 requires Nessus Cloud or Nessus Manager 6.5 or later. If you are not using Nessus agents, SecurityCenter requires Nessus Scanner 6.3 or later. SecurityCenter requires the Passive Vulnerability Scanner 4.0 or later. If SecurityCenter Continuous View uses the Log Correlation Engine (LCE) for log processing, SecurityCenter requires LCE 4.2 or later for complete feature compatibility.
Note: Due to changes in API architecture, all APIs created using SecurityCenter 4.x have been deprecated. For more information about SecurityCenter 5 API, refer to the SecurityCenter 5 API Documentation.
The command syntax for an RPM upgrade is as follows:
# rpm -Uvh [RPM Package File Name]
File Names & MD5 Checksums
SecurityCenter 5 Solution Features
- HTML5 UI - The entire UI has been completely transitioned to HTML5, providing a fast and flexible interface and a more rich user experience.
- Assurance Report Cards - These report types allow you to focus on measuring your success when aligning to business objectives.
- Audit File Updates via Feed - Tenable's extensive configuration and system hardening polices are now available as part of the feed. This includes inline Audit File configuration, which simplifies set up and allows for greater visibility into your environment.
- Scan Policy Updates via Feed - In addition to the Audit Files, SecurityCenter 5 also now includes scan policy templates, available as part of the feed.
- Blackout Windows - You can now specify blackout windows per asset or per IP address instead of system-wide. This granularity gives you the flexibility to skip certain devices, while continuing to collect information on the rest of the hosts.
- Data Pivoting - With SecurityCenter and SecurityCenter Continuous View, you can now quickly transition to different views of data to quickly diagnose and analyze issues.
- 32 Gigabyte Repositories - New, larger repositories help you simplify deployments and ensure data can be collected.
- Improved Disk Utilization - SecurityCenter 5 now allows administrators to control the length time of trend information is stored per repository. This new granularity ensures proper data retention and helps control overall disk space utilization.
- Increased Filtering Capabilities - SecurityCenter 5 includes the ability to filter on CVSS vector, cross-reference, and exploit frameworks for vulnerability analysis, dashboards, and reports. Event analysis has been enhanced to include Summary by Source IP, Summary by Destination IP, and Connection Summary. This increased filtering capability gives you new ways to analyze your data.
- Trending Calculations - In addition to the improvements in disk utilization, trend calculations are calculated using newly created data differentials. This change improves the initial time to calculate while ensuring the most accurate view of data over time.
- RESTful API - API updates provide more flexible and well-defined programmatic access to the SecurityCenter 5 application.
- LCE Client Management Improvements - SecurityCenter 5 provides greater flexibility when creating and distributing client polices. This new, simplified method helps ensure the greatest overall possible coverage.
- UTF-8 Character Support - This enables internationalization and localization for reporting.
- Nessus Agents - Automated import of scan data from Nessus agents.
- CyberArk Support - An option for managing scanning credentials.
- Unlimited Credentials - Removed the restrictions on the number of SSH and Windows credentials that can be added to a scan.
|SQL Windows Authentication does not work.||162822|
|Popovers Behave Unreliably in Low Resolution Web Browsers||151968|
|Delete Recast/Accept Risk Rules||168462|
|Dependent Scan Configuration Produces UI Errors||167589|
|LDAP Query Asset - Search String limitation||162133|
|"Send to Report" controlled by Role setting "Upload Nessus Scan Results"?||159458|
|Possible Memory Leak - Excessive Memory Consumption||153403|
|UI Allows Editing of Scans in Other Groups||159225|
|Normalized Event Summary Time Is Offset by Several Hours||140355|
|Remediation Scans are Broken: "getTemplateLookups is not a function"||156519|
|Error Attempting to Edit Selected Audit File||140850|