Tenable Network Security, Inc. • 7063 Columbia Gateway Drive, Suite 100, Columbia, MD 21046 • 410.872.0555 • • www.tenable.com
Copyright © 2012. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc. The ProfessionalFeed is a
trademark of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.






















What is New
in Ne ssus

®
v5.0 ?
Copyright © 2002-2012 Tenable Network Security, Inc.



2




For network security practitioners who routinely assess complex, enterprise networks for
security and compliance issues, Nessus® v5.0 is the latest release of the industry’s most
widely-deployed vulnerability and configuration assessment product. Nessus reports are the
industry’s de facto standard, recognized by security professionals, network penetration
testing teams, and auditors alike. Powered by Nessus’ continuously-updated library of
nearly 50,000 individual vulnerability and configuration checks, Nessus delivers the highest
possible accuracy in the marketplace.

Nessus 5.0 introduces many important features and improvements that streamline and
optimize each of the four major phases of the vulnerability scanning process.

• !"#$"%&'()& *+),(% ,+/01$,0+"($"'(% )&$ ,0+"(2+)(0/*)+3&'(%+//-"0%$,0+" (40,#($55(*$),.(+2(,#&(
+)6 $"0 1$,0+" (
• 7&4(' $,$(30. -$501$,0+"(*)+30'&.(0//&'0$,&( 0".06#,(0",+(.%$"()& 5 ,.(2+)(0 /*)+3&'(&220%0&"%8(
• 9/*)+3&'(.%$"(*+50%8(%)& $,0+"($"'('&.06"(2+)(/+)&(,$)6&,&'(.%$".(
• :0/*5020&'(0".,$55$,0+"($"'(/$"$6 &/&",(2+)(&"#$"%&'( $;050,8(

Nessus 5.0 key features and improvements are described below. View a video overview of
the new features. Log into the Tenable Support Portal to upgrade to Nessus 5.0 today.


Report Customization and Creation

<-5,0*5&()& 5,.(205,&).=()& 5,.(/$"$6&/ &", =($"'("&4(*)&>% +"206-)&'()&*+),.($55+ 4(7& (?@A( &).(,+(
*)+'-%&(,$)6&,&'()&*+),. (,$0 5+)&'(,+(20,(,#&("&& '.B0",&)&.,.(+2(, #&0 )(.*&%020%($-'0&"%& @(7& (?@A($5.+(
603&.( &).(,#&($;050,8(,+(%+/;0"&(/- 5,0*5&()&*+),( ,&/*5$,&.(0" ,+($(.0"65&=(% +/ *)&#&".03&()&*+),=( 4#0%#(
%$"(;&('&503&)&'(0"($(3$)0&,8 (+2(2+)/$,.=(0"%5 -'0"6(CDE@

• F& 5, .(205,&) 0"6($"'()&*+ ),(% )&$,0+"G(F& 5,.(205,&)0"6($"'()&*+) ,(%) &$, 0+" (0.(/+)&(25&H0;5&(,#$"(
&3&)(;&2+ )&@( I.&).(%$" ($**58(/-5,0*5&( )& 5,(205,&)0"6(%)0,&)0$ =($"'(,$)6&,&'()&*+),.(%$"(;&(
6&"&)$,&'($6$0".,(,#&(205,&)&'()& 5,.@(
o J)&$,&()&*+) ,.(,#$, (%+",$0"(+"58(&H*5+0,$ ;5&(3-5"&)$; 050,0&.=(/-5,0*5&()0.K(5&3&5.(L&@6@=(+"58(
.#+4(%)0,0%$5($"'(#06#()0. K(20"'0 "6.M=(205,&)(+"(JN!(+)(O-6,)$P(9D=(*5-60"("$/&=($"'(/+)&Q(
(
• F&*+),.(% ,+/ 01&'(;8($-'0&"% &G(F&*+),.(%$"(;&(% ,+/ 01&'(2+)(&H&%-,0 3&. =(.8.,&/.(
$'/0"0.,)$,+).=(+)($-'0,+).@( R( &)(%$"(&H%5-'&(*$ ),0%-5$)(3-5"&)$;050 ,0&.(2)+/( $()&*+ ),(;&2+)&(0,(
0.(6 &"&)$,&'=($55 +40"6('&503&)8(+2()& 5,.( ,$)6&,&'(,+(.*&%020%($-'0&"%&.@(
o !H$/*5&G(D-)0"6($"(0",&) "$5 (.%$"=(7& (40 55()&*+),(, #$, ($(D7:(.&)3&)($55+4.()&%-).03&(
P-&)0&.=(4#0%#(0.(0, .(2-"%,0+"(+"(,#&(0",&)"$5("&,4+)K @(R.(,#0.(0.($(K"+4" (%+"'0,0+"=($ (
&)(%$"( * *)& (, #0.()&. -5,(0"(,#&(6&"&)$,&'()&*+),(,+(K&&*(2+% (+" (,)-&(
3-5"&)$;050,0&.@(
o S0,#(2 +-)("&4(*)&>%+"206-)&'()&*+),(2+)/$,.(T(J+/*50$"%&(J#&%K=(J+/*50$"%&(J#&%K(
L!H&%-,03&M=(N-5 "&)$;050,0&.(;8(U+. ,=($"'(N-5"&)$;050,0&.(;8(C5-60"(T( &).(%$"(P-0%K58(
%)&$,& ()&*+),.(; 8(%#$*,&).@(
 !H$/*5&G(V#&(%+/*$"8W.(%+/*50$"%&(*+50%8('0 %,$,&.(,#$,(*$ 4+)'.(;&(6)&$,&)(
,#$"(,&"(%#$)$% ,&).(0" (5&"6,#@(7& (3?@A()-".($(.%$"($6$0".,(,#&(;$.&50"&=( $"'(
,#&(J+/*50$"%&(J#&%K(L! H&%-,03&M()&*+),(.#+4.($(*$ B2$05()& 5,(,+(0 "'0 %$,&(02($55(
#+.,.(+"(,#&("&,4+)K($)&(%+/*50$",(40,#(,#&(/0"0/-/(*$ 4+)'(5&"6,#@(S0,#(
Copyright © 2002-2012 Tenable Network Security, Inc.




3


*$ B2$05()& 5,.=(,#&(J+/*50 $"%&(J#&%K(L !H&%-,03&M()&*+),(*)+30'&.($ (P-0%K(
."$*.#+,(+2(,#& (%+/* $"8W.(%+/*50 $"%&(% #&%K50.,(.,$, @(
(
(
(
Nessus%5.0%Complianc e%Chec k%(Executi ve)%Report
(
• F&*+),(2+ )/$,.G (F&*+),.(%$"(;&(6&"&)$,&'(0"("$,03&(7& (2+)/$,.=(UV<X=($"'("+4(CDE(
2+)/$,.(L)&P -0)&.(Y)$%5&(Z$3$(;&(0".,$55&'(+"(,#&(7& (.&)3&) M@(
o V#&("&4(CDE()&*+),(2+)/$,(/$K&.(0,(&$.0&)(,+(. #$) &()&*+ ),.@(


Nessus%5.0%PDF%Report%Fo rmat%
(
• J+/;0"&'()&*+ ),.G (<-5,0*5&()&*+),(,&/* 5$,&.(% $"(;&(%+/;0"&'(0" ,+(+"&()&*+),@(
o R(.0"65&()&*+),(%$"("+ 4(% +",$0"(3-5"&)$;050, 0&.(.+) ,&'(;8(#+.,($"'(;8(9C(
$'')& B#+.,"$/& @(

Scan Execution

Powerful new Nessus 5.0 features allow customers to take advantage of real-time scan
results, with on-the-fly filtering and sorting, and streamlined results navigation.
Copyright © 2002-2012 Tenable Network Security, Inc.




4


(
• 7&4(%)0,0%$50 ,8(5&3&5G(7& ( 3?@A("+4(#$.(203&(. &3&)0,8(5&3&5.(T(9"2+)/$,0+"$5=(X+4(F 0.K= (
<&'0-/(F0.K=(U06#(F0.K=($"'(J)0,0%$5(F0.K @(V#&(9"2+)/$,0+"$5(5& 3&5(P-0%K58(0'&" ,020&.("+" >
3-5"&)$;050,8(0"2+)/$,0+"(L["0%&(,+(K"+4\M($"'(.&*$) $,&.(0,(2)+ /(,#&(3-5 "&)$;050,8('&,$05(L["&&'(
,+(K"+4\M@(
o !H$/*5& G(R( &)(/$8( 4$",(, +()-"($(P-&)8($6$0".,($55(#+. ,.()-""0"6(4&;(.&)3&).("+,(+ "(
,#&("+)/$5(#,,*(+)(#,,*.(*+),.=(*+),(]A(+)(*+),(^^_@(V#&(9"2+)/$,0+"$5(5& 3&5($55+4.($( & )(
,+(P-0%K58(0'&", 028(0"2+)/$,0+"(,#$,(/$8(;&( &2-5=(;-,('+&.("+,()&P-0)& (0/ /&'0$ ,&(
$,,&",0+" (T(K&&*0"6(, #&(2+% (+"(,#&($%,0+"$;5&()& 5,.@(
(
• 7&4(3-5"&)$ ;050 ,8(. -//$)8G( R("&4(3-5"&)$;050,8( //$) 8($"'()&'&.06"&'(# +.,( //$)8(/$K&(0,(
&$.8(,+(.&&()0.K(5&3&5(40,#+-,(&3&" ()-""0"6($()& *+),@(

(
Nessus%5.0%Vulnera bility%Summary %Showing%Critical%and%High%Risks%


Nessus%5.0%Host%Summary%w ith% 5%Levels%o f%Ri sk%Severity%
Copyright © 2002-2012 Tenable Network Security, Inc.



5




• :,)&$/50"&'()&. -5,.("$306$,0+"G(Y"&(%50%K(,+(`-/*(2)+/($(%)0,0%$5(3 -5"&)$;050,8(,+(.&&(,#&(#+.,L.M(
,#$,(0. (3-5"&)$;5&(, +(,#&('&,$05.(+2( ,#& (3-5"&)$; 050,8@(


Nessus%5.0%One‐click%Naviga tion%
(
• V$K&($'3$",$6&(+2( )&$ 5>,0/&()&. -5,.G((R.(,#&(.%$"(0.(;&0"6()-"=("+,(+"58(%$"(8+-(.&&(,# &()& 5,.($.(
,#&8($)&(;&0"6(6$,#&)&'=(;-,("$ 306$,&($"'(205,&)(+"(,#&/($.(4&55@(V#0.($55 +4.(8+-(,+(& $.058($%,(
-*+"(,#&(3-5"&)$;050,8('$,$( 4#05&(,#&(.%$"(0.(#$**&" 0"6@(

Scan Policy Creation and Design

Over two dozen new plugin filters make it fast and easy for security and compliance
professionals to create policies for laser-focused scans. Users can easily select multiple filter
criteria, such as, Vulnerability Publication Date, public vulnerability database ID (OSVDB,
Bugtraq, CERT Advisory, and Secunia), Plugin type (local or remote), information assurance
vulnerability alert (IAVA), and more, to quickly identify easily-exploitable vulnerabilities. For
example,
• :%$"(2+)($55(&$.058()&/+,&58>&H*5+0,$;5&(3-5"&)$;05 0,0&.(2+)(4#0%#(, #&)&(0.($"(&H*5+0,(*-;50.#&'(0"(
8+-)(2$3+ )0,&(&H*5+0,(2)$/&4+)K@(
• :%$"(2+)(5 +%$5(,#0)'>*$),8 (%50&",(.+2,4$)&(,#$,(0.(-"*$,%#&'@(
• :%$"(2+)(.8., &/.(,#$,(#$3&(;&&"(/0 0"6(*$,%#&.(2+)(/+)&(,#$"($(8&$)@(
(
Copyright © 2002-2012 Tenable Network Security, Inc.



6



(
Nessus%5.0%Plugin%Filterin g

Policies can be configured to produce reports that are locked to prevent editing.

Installation and Management

:,)&$/50"&'(0".,$55$,0 +"($"'(,#&(-"020&'(4&;(0",&)2$%&(40,#(aI9(%+"206-)$,0+"(.0/*5028(7& (?@A(
0".,$55 $,0+"($"'($'/0"0.,)$, 0+" @(!

• 9".,$55 $,0+"G(7& (3?@A(#$. ($(;)+4.& )>;$.&'(0".,$55$,0+"(401$ )'(T("+(.*&%0$5(K" +45&'6&(
)&P-0)&'@((I.&). (+" ($(40'&(3$)0& ,8(+2(* 5$,2+)/.( T(S0"'+ 4.= (<$%=(X0"-H=(+)(I79b(T(%$"(#$3 &(
7& (3?@A(0"., $55&'(40,#0"(/0"-, &.@((

• J+"206-)$,0+"($"'(/$"$6&/&",G(7& (3?@A(%+ "206-)$,0+"($"' (/$"$6&/&",(0.("+4('+"&(cAAd(
,#)+-6#(,#&(aI9@(7+(/+) &(%+//$"'(50"&(,& H,(2 05&(&'0,0"6=($"'("+(/+)&(7&. (:&)3&)(< $"$6&)(
,+(0".,$55( +"( S0"'+4. (%50&",.@!
o S0,#($55(%+"206-)$,0+"($"'(/$"$6&/&",("+4('+"&(,#)+-6#(,# &(4&;(0",&)2$%&=(,# &(
7& ( &)(&H* &)0&"% &(0. (,#&(.$/&(2+)($55( &). =()&6$)'5& (+2(Y:@!
o S0,#(, #&(,+-%#(+2($(;-,,+"(+"(,#&(aI 9=(7 & ( &).(% $"("+4(P-0%K58( 0"0,0$,&(*5-60"(-*'$,&.($"'(.&&(
5$.,(-*'$,&(0 "2+)/$,0+"@(


TENABLE Network Security, Inc.
7063 Columbia Gateway Drive
Suite 100
Columbia, MD 21046
410.872.0555
www.tenable.com