NessusClient 3.0 BETA

Tenable Network Security has made available a BETA version of the new NessusClient 3.0. This Nessus client can be used to connect to any Nessus scanner and perform scans, manage scan policies and analyze results. It has a consistent user interface across Mac OS X, Windows and Linux operating systems. The BETA currently includes support for:

• instant availability of results during active scans
• managing connections and credentials for multiple Nessus scanners
• managing multiple vulnerability scan policies
• saving the Nessus scanner information, scan polices and results as a unique document-based "session"
• dynamically offering plugin preferences management for scan settings
• new report results format which combines scan policy with results

If you are a current Mac OS X Nessus user, you will recognize that the Nessus Client on Windows and Linux versions is the same as on Mac OS X. Below are screen shots of the new client:

Connecting to a Nessus Scanner	Plugin Selection	Plugin Prefs Selection
Live Scan Results	Content Audit	USB WMI Audit

The New .nessus Report Format

The BETA of the NessusClient 3.0 has the ability to save vulnerability reports in a new format called the ".nessus" output. This is an XML file which contains scan results and scan policies in one report.

Saving scan policies and scan results into one format makes analysis of vulnerabilities more straight forward. Being able to understand what was scanned for, which scan options were used, which credentials were invoked makes understanding of discovered vulnerabilities easier.

This format will also become the preferred format used in future releases of the Security Center for uploading remote vulnerability scan results.

The client also has the ability to export vulnerability results in the older and soon to be depreciated .nsr or .nbe formats.

Windows Support for Dynamic Plugin Preferences

The current Nessus client included with Nessus 3.0.0 through Nessus 3.0.6 had support for a static list of plugin preferences. Previously if Tenable added support for a new plugin, such as the Windows File Content Checks, our developers would need to manually add support for those plugins in the Nessus client.

This new NessusClient 3.0 BETA has dynamic plugin preference support just like the previous Linux Nessus 1.0 GUIs, NessusWX and the OS X Nessus GUI. This means that if in the near future, Tenable releases a new plugin that has some scan configuration options, this new client will be able to present those options to the user to create a custom scan policy.

Platform Availability

The NessusClient 3.0 BETA is available for Linux and Windows.

Mac OS X Nessus users will recognize the user interface and features. Tenable's intent is to provide a consistent user experience across each of these operating system platforms.

Platform Compatibility

Tenable has made an effort to ensure this client is compatible with both Nessus 3 and Nessus 2 scanners obtained from Nessus.org. The client is also compatible with the configuration auditing, sensitive content checks and SCADA checks available through the Tenable Direct Feed.

It should also be noted that there is no operating system dependency between the client and server. You can deploy a Nessus Windows 3.0.6 scanner on a host and connect to it with the this Nessus Client from Linux or OS X. This has been the case for previous Nessus clients as well.

Obtaining and Using This BETA

The NessusClient 3.0 BETA for Windows or Linux is available for download from the nessus.org web site. Any issues found during testing of this BETA should be sent to Tenable's Director of Research, Renaud Deraison, or posted to the http://bugs.nessus.org tracking system.