November 01, 2005
Tenable Network SecurityProduct:
$25,000 (as tested)
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Depth of capabilities, ease of filtering and scheduling.
- Weaknesses: Would be nice to have a Windows version.
- Verdict: A capable tool for those who wish to exploit it.
This software-based console collates security-related information into a central entity, in order to enable analysis and response.
It might be considered a security information management tool, with which to collect and aggregate information from other devices and sources, such as Nessus, NeWT, NeVO, and so on, with which it will easily interface.
The console, having received an event, will correlate the event against known vulnerabilities in real time and, if it believes the event reflects a true vulnerability, can be configured to automatically alert the system owner.
From the console, one is advised of the detected condition and offered recommendations for remediation, the response to which can be logged accordingly.
The Lightning Console can have multiple users, each of whom can schedule and run scans according to their particular group of relevant IP addresses, or indeed, a primary user may run multiple scans across different groups of IP addresses. This allows a certain flexibility to remain “network friendly,” while ensuring comprehensive coverage.
The information can be filtered in a number of ways, including by device type, in order to present a succinct view of the situation.
This filtering is easily undertaken via an intuitive interface, returning clear data to the user. Similarly, the scan scheduling interface is intuitive and logical, enabling immediate or scheduled scans to be easily configured.
The Lightning Console is designed to run on a Red Hat Linux platform and can, of course, report on devices on a variety of other platforms as well as infrastructural devices. When used in conjunction with popular scanning and IDS systems, it is potentially very powerful and can return a great deal of information in a reasonably coherent manner.
This is an interesting and highly capable product that will appeal to security professionals with a good understanding in this area who are already using IDS and vulnerability scanning tools to some extent.
The Lightning Console will help consolidate matters and provide a good deal of flexibility with regard to its overall coverage and modes of operation. But users should expect to invest some time in getting to know the tool and how best to fine tune its capabilities to their particular situation.