{"product_id":10443,"v_id":10443,"product_name":"Tenable SecurityCenter 4.4 (SC) and Components: 3D Tool 2.0.1. Log Correlation Engine 3.6 (LCE), Passive Vulnerability Scanner 3.6 (PVS), Nessus 5.0.1, and xTool 2.1","certification_status":"Not Certified","certification_date":"2012-10-01T00:10:00Z","tech_type":"Enterprise Security Management","vendor_id":{"name":"Tenable, Inc","website":"https://www.tenable.com"},"vendor_poc":"Jack Huffard","vendor_phone":"410-872-0555","vendor_email":"jhuffard@tenable.com","assigned_lab":{"cctl_name":"Leidos Common Criteria Testing Laboratory"},"product_description":"<p>The Tenable SecurityCenter is a web based management console that unifies the process of vulnerability detection and management, event and log management, compliance monitoring, and provides reports on all of the above.&nbsp; The SecurityCenter enables communication of security events to IT, management, and audit teams.&nbsp; The major components of a SecurityCenter system are SecurityCenter (SC4), the Nessus Vulnerability Scanner (Nessus), Log Correlation Engine (LCE) and the LCE Clients, Passive Vulnerability Scanner (PVS), 3D Tool (3DT), and the xTool.&nbsp;</p>\r\n<ul>\r\n<li><strong>SecurityCenter</strong> &ndash; The SecurityCenter application is the      management module that ties all of the other components together and      enables enterprise wide vulnerability, event and log management, analysis,      and reporting.</li>\r\n<li><strong>Nessus Vulnerability Scanner</strong> &ndash; The Nessus Vulnerability      Scanner is an active scanner that provides agent-less host auditing of      both UNIX and Windows servers.&nbsp; It      features network node discovery, asset profiling, and vulnerability      analysis.&nbsp; Nessus scanners can be      distributed throughout a large network, on DMZs, and across distributed      networks.&nbsp; It can be used for ad-hoc      scanning, daily scans, and quick-response audits.</li>\r\n<li><strong>Log Correlation Engine</strong> &ndash; The Log Correlation Engine      aggregates, normalizes, correlates and analyzes event log data from the      various devices within the network infrastructure.&nbsp; It is closely integrated with the SecurityCenter,      allowing the centralization of log analysis and vulnerability management.&nbsp; </li>\r\n<li><strong>Passive Vulnerability Scanner</strong> &ndash; The Passive Vulnerability      Scanner continuously monitors network traffic,      searching for vulnerable systems, watching for potential application      compromises, observing client and server trust relationships, and tracking      open or browsed network protocols in use.&nbsp;      The Passive Scanner maps new hosts and services as they      appear on the network and monitors for vulnerabilities.&nbsp; </li>\r\n<li><strong>3D Tool</strong> &ndash; User interface to SecurityCenter using 3DT for an      enhanced view of topology and vulnerability data.</li>\r\n<li><strong>xTool </strong>&ndash; User interface to xTool for conversion of XML data      files to .audit file formats used by SecurityCenter.</li>\r\n</ul>","evaluation_configuration":null,"security_evaluation_summary":"<p class=\"norm1heading\">The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme.&nbsp; The evaluation demonstrated that the&nbsp;&nbsp; TOE<em> </em>meets the security requirements contained in the Security Target.&nbsp; The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 Revision 3.&nbsp; The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 Revision 3.&nbsp; Science Application International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the TOE is EAL 2 augmented with ALC_FLR.2.&nbsp; The TOE, configured as specified in the evaluated configuration guide, satisfies all of the security functional requirements stated in the Security Target and in the Intrusion Detection System System Protection Profile (IDSSYPP), Version 1.7, July 25, 2007.&nbsp; Validators on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC.&nbsp; The evaluation was completed in September 2012.&nbsp; Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report<em> for</em> Tenable Network Security, Inc., Tenable SecurityCenter 4 and Components prepared by CCEVS.</p>","environmental_strengths":"<p>The TOE is a set of software products that collectively represent a complete intrusion and vulnerability detection system that provides an integrated environment for managing security events and vulnerabilities.&nbsp; The primary TOE components include plug-ins that provide functionality specific to the TOE component allowing the component to be customized for each user environment and to be updated as new vulnerabilities are identified over time.&nbsp; The TOE facilitates the administration and organization of security workflow and management tasks, including automatic reporting to affected parties; division of duties; access control for application data; and update and tracking of vulnerability closure.</p>","features":[]}