Vulnerabilities / Threats
12/4/2012
03:08 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Tenable Rolls Out Vulnerabilty Management Solution For IPv6

SecurityCenter Continuous View designed to identify emerging threats and vulnerabilities

Columbia, MD, December 04, 2012 -- Tenable Network Security, Inc., the leader in real-time vulnerability management, today released the first vulnerability management solution designed to identify emerging threats and vulnerabilities as an entirely new field of Internet addresses are employed.

IPv6 (Internet Protocol version 6) is the latest revision of the Internet Protocol (IP), the primary communications protocol upon which the entire Internet is built. It is intended to replace the older IPv4, which is running out of addresses that are needed to connect the exploding number of devices like smartphones and tablets to the Internet.

Security solutions not yet able to discover and assess known devices and systems assigned the new IPv6 address leave networks vulnerable to security risk and compliance violations, especially to malicious users who will be trying to exploit networks that contain unknown IPv6 addresses.

No longer a job for scheduled scanning alone, upgrades to Tenable's SecurityCenter Continuous View&trade (CV) solution combines scheduled scanning and passive vulnerability monitoring to identify vulnerabilities, threats, and compliance violations located at any of 1.2*10^24 IPv6 addresses, a /48 space recommended for a "typical" organization.

Already unique in its ability to manage risk from mobile devices, cloud-based services and virtual infrastructure, enhancements to SecurityCenter CV components, SecurityCenter&trade version 4.6 and Passive Vulnerability Scanner&trade (PVS) version 3.8, extend Tenable's lead in vulnerability management to identify security and compliance risk from rapidly evolving computing environments.

"Our customers are already the first to continuously manage risk from mobile, cloud and virtual infrastructure. Now they can add IPv6 to the list of challenges they've uniquely prepared their organizations for," said Ron Gula, CEO and co-founder of Tenable Network Security. "This new release of SecurityCenter continues to set the pace for IT risk management, helping companies rapidly adopt new technologies, and reduce gaps in risk awareness from months to minutes by transitioning from periodic scanning to continuous real-time monitoring."

The following enhancements to SecurityCenter and PVS&trade improve monitoring, analysis and collaboration:

· IPv6 – Enhancements to SecurityCenter and PVS automatically identify security and compliance risk in IPv6 assets as soon as and wherever they appear across hybrid IPv4/IPv6 address spaces, increasing situational awareness.

· Unified IPv6 Scanning – Enhancements to SecurityCenter, when used with Tenable Perimeter Service, provide a comprehensive internal and external assessment of an organization's IPv6 risk posture.

· LDAP Access and Asset Calculator - Enhancements in SecurityCenter simplifies the creation of scans targeted at devices based on enterprise IT asset information. New Plugin Date Filters improve compliance trending and reporting.

· Scan on Alert, Report on Scan, and Report Sharing - New collaboration functionsallow SecurityCenter to trigger scans, share reports, and initiate incident and remediation workflow with rich information on vulnerabilities, threats, and malware detection. With Tenable's Log Correlation Engine&trade deployed, reports and scans can be triggered based on anomalous behavior (e.g., never-before-seen events).

A complete list of enhancements can be found at [link].

About Tenable Network Security

Tenable Network Security is the de facto standard for vulnerability and compliance management solutions with over 15,000 customers worldwide. Tenable's unique real-time vulnerability and threat management technologies are used by the most demanding security professionals, compliance auditors, and executive risk managers to reduce the risk from mobile, cloud and virtual technologies. Our solutions scale to meet the needs of the smallest to the largest enterprises and government agencies including the entire U.S. Department of Defense.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-0360
Published: 2014-04-23
Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376.

CVE-2012-1317
Published: 2014-04-23
The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial of service (Route Processor crash) by sending packets at a high rate, aka Bug ID CSCts37717.

CVE-2012-1366
Published: 2014-04-23
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.

CVE-2012-3062
Published: 2014-04-23
Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a network that contains many IPv6 hosts, aka Bug ID CSCtr88193.

CVE-2012-3918
Published: 2014-04-23
Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/HDLC mode, allows remote attackers to cause a denial of service (serial-interface outage) via certain Frame Relay traffic, aka Bug ID CSCub13317.

Best of the Web