Product Information

Passive Vulnerability Scanner

starstarstarstarstar

by Peter Stephenson January 01, 2007
SC Magazine Recommended
Vendor:

Tenable Network Security

Product:

Passive Vulnerability Scanner

Website:

http://www.tenablesecurity.com

Price

c£6,000

RATING BREAKDOWN

  • Features:
    starstarstarstarstar
  • Ease of Use:
    starstarstarstar
  • Performance:
    starstarstarstarstar
  • Documentation:
    starstarstarstar
  • Support:
    starstarstarstar
  • Value for Money:
    starstarstarstarstar
  • Overall Rating:
    starstarstarstarstar

QUICK READ

  • Strengths: Capabilities offer a powerful addition to active scanners. Strong reporting helps to gain full picture of all vulnerabilities in the enterprise
  • Weaknesses: Requires Tenable Security Center to be effective
  • Verdict: This passive scanner would be an important addition to any organisation’s active scan regime. It's also critical for compliance monitoring. Recommended

The Tenable Passive Vulnerability Scanner (PVS) is a very interesting product. It is truly passive in that it does not perform active scans of any kind. It is, put simply, a very smart sniffer.

The solution depends for its usefulness on the way it collects and reports vulnerability data. Since the PVS is always listening, it constantly collects information from the normal data flows on the network. This is superior to active scanners in two important ways.

First, the PVS "sees" information passing between devices that might be hidden behind firewalls and unavailable to active scanners. Second, since PVS is running all the time, it collects and reports vulnerability information between active scans. This can be very useful when creating reports.

The PVS, in order to be truly useful, requires the Tenable Security Center to function. This acts as a correlation device and, more importantly, provides the displays and reporting features that give the product its real strength. These allow the PVS to combine its findings with those of active and host-based scanners to give a full picture of the enterprise's vulnerabilities.

Beyond traditional views of vulnerabilities, however, there is concern about insider abuse. This is a powerful capability in Tenable's passive scanner.

Documentation for PVS is clear and useful. Additionally, there are many supporting documents on the vendor's website and the Tenable blog offers considerable insight into how to deploy its products most effectively.

Reporting is comprehensive and there are many templates, both from the developer and the user community. In general, we found this to be a novel and useful solution. Coupled with other security tools it adds an important dimension to vulnerability testing, reporting and compliance monitoring.

The PVS is not cheap. However, the addition of the Nessus active scanner is a no-cost option, which, given the significant benefits of this suite, makes it a reasonable price.

We rate PVS Recommended for its powerful approach to compliance and general network vulnerability monitoring.

Related Group Test

SC Webcasts UK

Sign up to our newsletters

FOLLOW US