Product Features and Technical Specifications Passive Vulnerability Scanner The T V k f u n n ef n n ude . Passive Vulnerability Scanner Features Encryption Detection > All TLS or SSL services > Enumeration of SSL certificates > Alerting of expired SSL certificates > Detection of encrypted services based on randomness Example Client Applications Detected > Chrome > Internet Explorer > iTunes > Firefox > Mozilla > Outlook > Skype > Thunderbird Passive Vulnerability Plugin Families > Backdoors > CGI > Database > DNS Servers > Finger > FTP Servers > Generic > Operating System Detection > IMAP Servers > Internet Messagers > IRC Clients > Peer to Peer > POP Server > RPC > Samba > SMTP Clients > SMTP Servers > SNMP Traps > SSH > Web Clients > Web Servers > Class B license supports multiple PVS instances within a unique /16 > Class C license supports multiple PVS instances within a unique /24 Example Libraries Detected > Java > PHP Real-time File and Data Logging Support > Files shared over SMB > Files downloaded over HTTP > Files server and downloaded over FTP > Files shared over FTP > SQL database inserts, deletes and other commands > Each file share is logged locally or via syslog Supported Vulnerability Standards > Bugtraq > CVE > CPE > CVSS > Public Exploits > OSVDB Passive Network Discovery Methods > Ethernet address tracking > Observing UDP or TCP traffic > Report on open and browsed ports Hardware Requirements > Typical 3Ghz, 8Gb memory systems monitor 500–1000 Mb/s > 100 Mb/s and 1Gb/s network interfaces > Can be deployed in virtual environments Deployment Options > Red Hat 4 and 5 > CentOS 4 and 5 > Windows 2003 or 2008 > Tenable Virtual Appliance > Tenable Hardware Appliance Licensing > Single PVS instance can monitor unlimited IP addresses Supported Protocol Analysis > DNS > FTP > HTTP > HTTP Proxy > IMAP > IPv4 > IRC > LDAP > NTP > NFS > POP > SCADA > SQL > SPF > SMB – Windows file sharing > SMTP > SNMP > SSL > SSH > TFTP > TLS > Time To Live > X Windows Web Application Auditing > Port independent web server discovery > Expired SSL certificates > Identification of active web sites on each web server > Sampling of hosted web content > Identification of hostile ActiveX controls > Passive discovery of web forms and variables > Harvesting of links and email addresses Copyright © 2011. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc. The ProfessionalFeed is a trademark of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners. Tenable Network Security, Inc. 7063 Columbia Gateway Drive Suite 100 Columbia, MD 21046 410.872.0555 sales@tenable.com www.tenable.com