Passive Vulnerability Scanner
Strengths: Capabilities offer a powerful addition to active scanners. Strong reporting helps to gain full picture of all vulnerabilities in the enterprise
Weaknesses: Requires Tenable Security Center to be effective
Verdict: This passive scanner would be an important addition to any organisation’s active scan regime. It's also critical for compliance monitoring. Recommended
The Tenable Passive Vulnerability Scanner (PVS) is a very interesting product. It is truly passive in that it does not perform active scans of any kind. It is, put simply, a very smart sniffer.
The solution depends for its usefulness on the way it collects and reports vulnerability data. Since the PVS is always listening, it constantly collects information from the normal data flows on the network. This is superior to active scanners in two important ways.
First, the PVS "sees" information passing between devices that might be hidden behind firewalls and unavailable to active scanners. Second, since PVS is running all the time, it collects and reports vulnerability information between active scans. This can be very useful when creating reports.
The PVS, in order to be truly useful, requires the Tenable Security Center to function. This acts as a correlation device and, more importantly, provides the displays and reporting features that give the product its real strength. These allow the PVS to combine its findings with those of active and host-based scanners to give a full picture of the enterprise's vulnerabilities.
Beyond traditional views of vulnerabilities, however, there is concern about insider abuse. This is a powerful capability in Tenable's passive scanner.
Documentation for PVS is clear and useful. Additionally, there are many supporting documents on the vendor's website and the Tenable blog offers considerable insight into how to deploy its products most effectively.
Reporting is comprehensive and there are many templates, both from the developer and the user community. In general, we found this to be a novel and useful solution. Coupled with other security tools it adds an important dimension to vulnerability testing, reporting and compliance monitoring.
The PVS is not cheap. However, the addition of the Nessus active scanner is a no-cost option, which, given the significant benefits of this suite, makes it a reasonable price.
We rate PVS Recommended for its powerful approach to compliance and general network vulnerability monitoring.