Scans are managed from the “Scans” page. There are four basic categories of scans: active vulnerability scanning, Agent scanning, credentialed scanning, and continuous passive discovery. Using all four types provides a comprehensive view of the organization’s security posture and reduces false positives.
SecurityCenter can manage one or more Nessus vulnerability scanners. Scan policies that discover new hosts, new applications, and new vulnerabilities can be scheduled and automatically distributed to multiple scanners for load balancing. SecurityCenter manages which Nessus scanners are best suited to scan a particular host.
There are a large number of scanning options, including the ability to specify the maximum length of time a scan is allowed to run. If a scan exceeds the limit, the unscanned targets are captured in a “rollover” scan that can be run manually or scheduled for a later time. This feature is very useful for organizations that have a limited scanning window available, enabling them to pick up a scan where it left off.
Active Vulnerability Scanning
In active vulnerability scanning, the Nessus scanner sends packets to a remote target to provide a snapshot of network services and applications. The services and applications found are compared against a plugin database to determine whether any vulnerabilities are present. SecurityCenter can also use a Nessus scanner located outside the local network to simulate what an external entity might see.
Agent Scanning
Agent scan results are imported from Nessus Cloud or Nessus Manager scanners. Using Nessus agents for scanning reduces network usage and allows devices such as laptops to maintain scan schedules even when disconnected from the network. SecurityCenter can import these results for review in conjunction with other acquired information about the host and network.
Credentialed Scanning
Nessus credentialed scans can be leveraged to perform highly accurate and rapid patch, configuration, and vulnerability audits on Unix, Windows, Cisco, and database systems by actually logging in to the target system with provided credentials. Credentialed scans can also enumerate all UDP and TCP ports in just a few seconds. SecurityCenter can securely manage these credentials across thousands of different systems and also share the results of these audits only with users who have a need to know.
Note: For more information on Nessus credentialed scanning, please refer to the.
Continuous Passive Discovery
SecurityCenter can manage one or more Tenable Passive Vulnerability Scanners (PVS). The PVS provides continuous discovery of new hosts, new applications, and new vulnerabilities. It runs 24x7 and discovers highly accurate client and server vulnerability information. SecurityCenter fuses this information with the active or credentialed scan results from Nessus.