Tenable Adds IBM i Support to Security and Configuration Tool
February 28, 2012 Alex Woodie
Tenable Network Security recently added support for the IBM i OS with Nessus Scanner, a tool that analyzes server and network systems for security holes and lax configuration settings. The new plug-ins will enable IBM i shops to do one of two things: discover shortcomings in their security configurations, or document their adherence to IBM‘s security standards for the purpose of regulatory compliance.
Tenable claims that Nessus is the world’s most widely deployed vulnerability and configuration assessment product, and that it has become the de facto standard tool in its class among security professionals, network penetration testing teams, and auditors. While such claims may be difficult to prove, there’s no doubt that Nessus has been widely deployed, and, with 50,000 checks performed via plug-ins, that it casts a very wide net.
The addition of IBM i support makes that net just a little wider. “We had a lot of customers and prospects who have iSeries and need to cover that with assessments,” says Dale Gardner, product marketing manager for Tenable. “We’re all about being comprehensive.”
Gardner says Tenable has developed half-a-dozen IBM i plug-ins that examine 40 security attributes on the servers, including security level, audit level, and various password settings. Nessus follows IBM recommendations on security configuration settings, and any detected discrepancies, insecure configurations, or policy violations automatically trigger administrator alerts.
Regulatory compliance, specifically the Payment Cardholder Industry (PCI) security standards, is driving the need for the additional rigmarole and automated configuration assessments. “A lot of people have their iSeries locked down pretty well, but they have to prove it,” Gardner says.
Tenable sells several other security tools, including the Passive Vulnerability Scanner (PVS), which continuously monitors IP addresses for traffic that’s out of place, and the Log Correlation Engine (LTE), which pulls information from multiple sources, including Nessus, PVS, and Syslog entries from network devices, to do vulnerability and attack correlation.
There is also Security Center, a visualization tool that allows users to build dashboards and reports based on information in Nessus, PVS, and LTE. Getting security-related information from a wide variety of data sources increases the chances of preventing a security incident, at worst, or even just failing a security audit.
Tenable also funds its own security research department that looks out for the latest vulnerabilities, Internet threats, and compliance standards. This security research is used to continually update Nessus and other products to allow them to detect the latest threats. Gardner says it’s possible that there will be some research put into IBM i vulnerability discovery.
Tenable was founded 10 years ago, and has its headquarters in Columbia, Maryland. One of its co-founders is Ron Gula, its current CEO and CTO. According to the bio on the Tenable website, Gula started his information security career at the National Security Agency (NSA) conducting penetration tests of government networks and performing advanced vulnerability research. The other co-founders are Renaud Deraison, the original developer of Nessus and currently Tenable’s chief research officer (CRO); and Jack Huffard, who heads up business development, sales, and marketing as Tenable’s president and COO.
Nessus 5.0 is available now. Downloads are free, and businesses are charged $1,200 per year for the update feed. For more information and downloads, see the vendor’s website at www.tenable.com