Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Rollout: Tenable's Nessus 3.0

The Upshot

With recent modifications to Nessus 3.0, Tenable has added complete endpoint compliance auditing to its existing vulnerability scanning product, reducing the number of solutions you must buy.

Few vulnerability-scanning products support both vulnerability scanning and minimum-standards endpoint-compliance checks. Most administrators must use and maintain two separate products.



Nessus' endpoint-compliance functionality isn't always pretty, but it gets the job done well, and cheaply. Some tweaking is required for Windows hosts if they're not in a Windows domain. This product might not meet all needs without your adding on the much more expensive Security Center.

Tenable generated a lot of attention with its move to a closed-source but still-free 3.0 version of Nessus. That action prepared Tenable for a new type of remote check to Nessus: endpoint compliance, which ensures machines are configured in accordance with an organization's local policies and best practices. This addition puts Nessus in the company of very few others--and introduces a fee-based version of Nessus.

  • 1