Tenable Nessus® Network Monitor
Passively analyzes network traffic to provide continuous visibility into managed and unmanaged assets on your networks
Nessus® Network Monitor illuminates blind spots so you can see and protect your entire environment. The product provides a safe and non-intrusive way to discover and monitor even the most sensitive systems.
Nessus Network Monitor is included as a sensor with Tenable Vulnerability Management, Tenable Security Center and Tenable OT Security. Not all Nessus Network Monitor capabilities are available with all product configurations.
Eliminates Critical Blind Spots
Provides deep packet inspection to continuously discover and track users, applications, cloud infrastructure, trust relationships and vulnerabilities.
Monitors Everywhere
Automatically discovers infrastructure and vulnerabilities across more technologies than any other vendor, including operational technology devices, operating systems, network devices, hypervisors, databases, tablets, phones, web servers, and cloud applications.
Real-Time Network Monitoring
Continuous Visibility:
- Delivers continuous monitoring and assessment of an organization’s network in a non-intrusive manner
- Monitors network traffic at the packet level to provide visibility into both server and client-side vulnerabilities
- Scales to meet future asset discovery and vulnerability monitoring demands of proliferation of devices, including virtual systems and cloud services
Immediate Vulnerability Detection:
- Automatic infrastructure and vulnerability assessment identifies server- and client-side vulnerabilities in new and transient assets
- Detects vulnerabilities on communicating systems and the protocols and applications used
- Identifies when an application is compromised or subverted
Suspicious Traffic Identification:
- Identifies unencrypted PII and other sensitive information in motion
- Discovers when internal systems begin port scan of other systems
- Highlights all interactive and encrypted network sessions
- Spots which ports served and browsed for each individual system
Asset Discovery:
- IT based devices that operate in an OT environment
- Servers
- Endpoints
- Web applications
- Network devices
- Virtual- and cloud-based devices
- BYOD/mobile devices
- Jailbroken iOS devices
Compliance and Deployment
PCI DSS Compliance
The PCI DSS requires accurate and comprehensive identification of all systems involved in the transmission, processing or storage of credit card data. These systems collectively comprise the "cardholder data environment" (CDE) where PCI DSS controls must be consistently applied and validated on an annual basis. Organizations also must provide evidence of procedures to maintain the integrity of the CDE. Nessus Network Monitor not only monitors known data flows in/out of the CDE but also identifies undocumented data flows, particularly of unencrypted payment card information.
Deployment Options
Nessus Network Monitor is included as a sensor with Tenable Vulnerability Management, Tenable Security Center Director and Tenable OT Security. It is offered at two performance levels: 1 Gbps for monitoring small networks and network segments; and 10 Gbps, which extends Nessus Network Monitor to high-performance data centers and internet ingress/egress points.
- Tenable Nessus