TOC & Recently Viewed

Recently Viewed Topics

Passive Vulnerability Scanner Instances

Tip: Tenable rebranded the Passive Vulnerability Scanner (PVS) as Passive Vulnerability Scanner (NNM).

For high level information about passive scanning, see Scanning Overview.

Passive Vulnerability Scanner (PVS) is a patented network discovery and vulnerability analysis software solution, that delivers real-time network profiling and monitoring for continuous assessment of an organization’s security posture in a non-intrusive manner. PVS monitors network traffic at the packet layer to determine topology, services, and vulnerabilities. Where an active scanner takes a snapshot of the network in time, PVS behaves like a security motion detector on the network.

SecurityCenter communicates with PVS 4.0 or higher utilizing the XMLRPC protocol on port 8835 by default.

SecurityCenter will ask PVS for the latest (if any) vulnerability report once every hour by default. The pull interval may be changed under the System Configuration page under the Update tab.

By default, SecurityCenter will check every 24 hours to see if any new passive vulnerability plugins have been downloaded from Tenable and will push them out to each PVS scanner. SecurityCenter must have a valid PVS license activation code to retrieve plugin updates from Tenable and send plugin updates to the attached PVS scanners.

To configure one or more PVS servers, click Resources > Passive Vulnerability Scanners. This will produce a list of all configured PVS devices by name, their host, version, status, uptime, and the last time of the last retrieved report. Selecting the Update Status button from the Options drop-down menu will initiate a connection from SecurityCenter to obtain and refresh the status of the PVS scanners.

To add a scanner, click the Add button. Items with an asterisk (*) next to them indicate information that is required that does not have a default setting.

Note: It is important for you to restrict the data PVS collects to only the desired IP address ranges. For example, if your attached PVS collects information on 1100 hosts and SecurityCenter is licensed for 1000 hosts, SecurityCenter imports all of the PVS data and indicates that you exceeded your host count. For more information, see Licenses.

For more information, see Add a Passive Vulnerability Scanner.

To configure PVS plugin import schedules, see Edit Plugin and Feed Settings and Schedules.

Option

Description

Name

Descriptive name for the PVS scanner.

Description

Scanner description, location, or purpose.

Host

Hostname or IP address of the scanner.

Port

TCP port that the PVS scanner listens on for communications from SecurityCenter. The default is port 8835.

State

A scanner may be marked as Enabled or Disabled within SecurityCenter to allow or prevent access to the scanner.

Authentication Type

Select Password or SSL Certificate for the authentication type to connect to the PVS scanner.

Username

Username generated during the PVS install for daemon to client communications. This must be an administrator user in order to send plugin updates to the PVS scanner. This option is only available if the Authentication Type is set to Password.

Password

The login password must be entered in this option. This option is only available if the Authentication Type is set to Password.

Certificate

This option is available if the Authentication Type is SSL Certificate. Click the Browse button, choose a SSL Certificate file to upload, and upload to the SecurityCenter.

Verify Hostname

Adds a check to verify that the hostname or IP address entered in the Host option matches the CommonName (CN) presented in the SSL certificate from the PVS server.

Use Proxy

Instructs SecurityCenter to use its configured proxy for communication with the scanner.

Repositories

The repositories which this PVS scanner will save its data to. If PVS will be reporting IPv4 and IPv6 data, at least two repositories (one for IPv4 and one for IPv6 data) must be selected.

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.