This document describes many of the changes that are included in SecurityCenter 5.3, as well as significant enhancements and notes for upgrading. A PDF file of these release notes is also available here.
New Features and Enhancements
Based on customer feedback and Tenable’s own rigorous internal testing process, the latest release of SecurityCenter 5.3 includes the following new notable capabilities:
- Red Hat Enterprise Linux 7 and CentOS 7 support: SecurityCenter 5.3 is now supported on the latest release of Red Hat Enterprise Linux 7 and CentOS 7.
- Configurable user session limits: SecurityCenter 5.3 now allows an administration to optionally set a max number of sessions per user for logon to the SecurityCenter UI.
- User account logon notification: SecurityCenter 5.3 administrators can display a user notification at logon time, which includes the time of the last successful logon, last failed logon attempt, and number of failed logons.
- Scan status displays scanner distribution information: SecurityCenter 5.3 now allows users to view detailed scan status information such as the scanners being utilized by the scan and the number of IP addresses distributed to each scanner.
- Enhanced vulnerability mitigation logic: SecurityCenter 5.3 improves validation of vulnerability resolution through intelligent authentication tracking.
Before You Upgrade
If you are planning an upgrade from SecurityCenter 4.x, due to the many enhancements and changes made in the SecurityCenter 5 solution, Tenable strongly encourages you to install and test the latest version of SecurityCenter in a pre-production environment prior to upgrading in your production environment to ensure the new workflows and enhancements are compatible with your current workflows. To receive an evaluation key that will allow you to install SecurityCenter in a pre-production environment for evaluation, log in to the Tenable Support Portal and click “Activation Codes”. Under SecurityCenter, you will see a link to download a demo key for the SecurityCenter 5 solution.
SecurityCenter 5.3 supports the following direct upgrade paths:
- 4.8.1+ > 5.3
- 5.0+ > 5.3
Installations running previous versions of SecurityCenter 4.x must upgrade to at least 4.8.1 prior to upgrading to SecurityCenter 5.3. For more information about upgrading to SecurityCenter 5.3, refer to the SecurityCenter User Guide.
If you are using Nessus agents, SecurityCenter 5.3 requires Nessus Cloud or Nessus Manager 6.5 or later. If you are not using Nessus agents, SecurityCenter requires Nessus Scanner 6.3 or later. SecurityCenter requires the Passive Vulnerability Scanner 4.0 or later. If SecurityCenter Continuous View uses the Log Correlation Engine (LCE) for log processing, SecurityCenter requires LCE 4.2 or later for complete feature compatibility.
Note: Due to changes in API architecture, all APIs created using SecurityCenter 4.x have been deprecated. For more information about SecurityCenter 5 API, refer to the SecurityCenter 5 API Documentation.
The command syntax for an RPM upgrade is as follows:
# rpm -Uvh [RPM Package File Name]
File Names & MD5 Checksums
Below is a brief description of the most significant items resolved in the Security Center 5.3 release:
|Export of Basic Network Scan policy disables all plugin families||00215150|
|Report Color Code Mismatch||00193717|
|Delete Recast/Accept Risk Rules||00168462|
|Nessus Agent Sync Timeouts not always set during upgrade||00193558|
|Create Monthly scan, Start time is not set correctly||00206452, 00176444|
|Agent results generate plugin names incorrectly||00198630|
|"Mitigated On" date is missing in PDF report||00194610, 00183942|
|Reports run with Now schedule should give indication they have launched||00150879|
|Admin account cannot lock/unlock initial security manager account||00185414|
|Filter in Report Results cannot be saved||00160589|
|Show IP Detail Error With Class A, Class B, Class C Summaries||00183611|