3D Tool 2.0 Quick Start Guide



Similar documents
WHITEPAPER. Nessus Exploit Integration

Patch Management Integration

Configuring Virtual Switches for Use with PVS. February 7, 2014 (Revision 1)

Log Correlation Engine Backup Strategy

May 11, (Revision 10)

Nessus Enterprise Cloud User Guide. October 2, 2014 (Revision 9)

April 11, (Revision 2)

Nessus Perimeter Service User Guide (HTML5 Interface) March 18, 2014 (Revision 9)

Tenable for Google Cloud Platform

Tenable Webcast Summary Managing Vulnerabilities in Virtualized and Cloud-based Deployments

This document also includes steps on how to login into HUDMobile with a grid card and launch published applications.

History Explorer. View and Export Logged Print Job Information WHITE PAPER

Log Correlation Engine 4.6 Quick Start Guide. January 25, 2016 (Revision 2)

Virtual Office Remote Installation Guide

AlienVault. Unified Security Management (USM) 5.1 Running the Getting Started Wizard

Continuous Network Monitoring

WA2262 Applied Data Science and Big Data Analytics Boot Camp for Business Analysts. Classroom Setup Guide. Web Age Solutions Inc.

How to use FTP Commander

Nessus Enterprise for Amazon Web Services (AWS) Installation and Configuration Guide. July 16, 2014 (Revision 2)

Using the Tenable Solution to Audit and Protect Firewalls, Routers, and Other Network Devices May 14, 2013 (Revision 1)

Initial Setup of Microsoft Outlook 2011 with IMAP for OS X Lion

Nessus and Mobile Device Scanning. November 7, 2014 (Revision 12)

Nessus Cloud User Registration

Portal Instructions for Mac

StarWind iscsi SAN Software: Installing StarWind on Windows Server 2008 R2 Server Core

SecurityCenter 4.2 Administration Guide

NMS300 Network Management System

F re Alarm Network etwo (FAN) T rou rou h Virt Vi ual u Private Network etwo (VPN) Dr. Dr Sa S mir H. Abdull--Ja J u a wad

owncloud Configuration and Usage Guide

Network Monitoring. SAN Discovery and Topology Mapping. Device Discovery. Send documentation comments to

Best Practices. Understanding BeyondTrust Patch Management

SecurityCenter 4.4 Administration Guide

Dell SonicWALL SRA 7.5 Secure Virtual Meeting and Secure Virtual Assist

Appendix 1 Install RightNow on your PC

June 8, (Revision 1)

Getting Started with Vision 6

VMware vrealize Operations for Horizon Administration

User Management Guide

Changing Your Cameleon Server IP

Monitoring the Network

Note: With v3.2, the DocuSign Fetch application was renamed DocuSign Retrieve.

6. If you want to enter specific formats, click the Format Tab to auto format the information that is entered into the field.

Visualization with Excel Tools and Microsoft Azure

Using Remote Desktop with the Cisco AnyConnect VPN Client in Windows Vista

Learn About Analysis, Interactive Reports, and Dashboards

Security Event Management. February 7, 2007 (Revision 5)

Build Your First Web-based Report Using the SAS 9.2 Business Intelligence Clients

Introduction to MS WINDOWS XP

Required Virtual Interface Maps to... mgmt0. bridge network interface = mgmt0 wan0. bridge network interface = wan0 mgmt1

Creating a Patch Management Dashboard with IT Analytics Hands-On Lab

Configuring a Custom Load Evaluator Use the XenApp1 virtual machine, logged on as the XenApp\administrator user for this task.

DEPLOYING A VISUAL BASIC.NET APPLICATION

Real-Time Auditing for SANS Consensus Audit Guidelines

Verizon Wireless Field Force Manager. Windows Mobile Devices

PureEdge Viewer Training Guide

NetIQ Operations Center 5: The Best IT Management Tool in the World Lab

Active Directory Integration

Installing TestNav Mac with Apple Remote Desktop

Microsoft Access 2010 handout

Windows XP File Management

NetOp: Teacher Program Creating and Setting up Your Class

Word basics. Before you begin. What you'll learn. Requirements. Estimated time to complete:

Getting Started with MozyPro Online Backup Online Software from Time Warner Cable Business Class

NextGen Setup Guide First-time Workstation Setup & Logging In

Virtual Appliance Setup Guide

Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure

Workspaces Creating and Opening Pages Creating Ticker Lists Looking up Ticker Symbols Ticker Sync Groups Market Summary Snap Quote Key Statistics

TC 3/10 Rev. A

Remote Online Support

Using Windows XP and File Management Handout (Staff)

Tenable Network Security Support Portal. January 12, 2015 (Revision 14)

Software Development Environment. Installation Guide

Virtual Appliance Setup Guide

VULNERABILITY MANAGEMENT

Blackboard s Collaboration Tool

StarWind iscsi SAN Software: Using an existing SAN for configuring High Availability storage with Windows Server 2003 and 2008

QUANTIFY INSTALLATION GUIDE

EMC Smarts Network Configuration Manager

Getting Started with Microsoft Office Live Meeting. Published October 2007 Last Update: August 2009

UP L18 Enhanced MDM and Updated Protection Hands-On Lab

Check current version of Remote Desktop Connection for Mac.. Page 2. Remove Old Version Remote Desktop Connection..Page 8

IBM Security QRadar SIEM Version MR1. Administration Guide

The following was taken directly from the ARD (Apple Remote Desktop) operator s manual:

Edwin Analytics Getting Started Guide

Table of Contents. Part I Welcome. Part II Introduction. Part III Getting Started. Part IV The User Interface. Part V Quick Start Tutorials

NDA ISSUE 1 STOCK # CallCenterWorX-Enterprise IMX MAT Quick Reference Guide MAY, NEC America, Inc.

SSL VPN Service. To get started using the NASA IV&V/WVU SSL VPN service, you must verify that you meet all required criteria specified here:

13 Managing Devices. Your computer is an assembly of many components from different manufacturers. LESSON OBJECTIVES

Appendix A How to create a data-sharing lab

Getting Started with Microsoft Office Live Meeting. Published October 2007

To download the latest version of TurboTick Pro go to

Connecting Remotely via the Citrix Access Gateway (CAG)

Using Virtual Machines

Setting Up Monthly Reporter

Transcription:

www.tenable.com sales@tenable.com 3D Tool 2.0 Quick Start Guide ABOUT THE 3D TOOL Tenable s 3D Tool is a Windows application that is used to query data from a SecurityCenter 4 server and present it in an interactive visual console to facilitate presentations and security analysis. Tenable developed the 3D Tool to help communicate different types of information available in SecurityCenter, such as: > Nessus vulnerability data > Network topologies > PVS data, including passively discovered vulnerabilities and new network devices > Event data discovered and normalized by the Log Correlation Engine (LCE), including intrusion detection, firewall, netflow and syslog data Many people are visual learners, preferring to use images, colors and charts to organize information and communicate with others. The 3D Tool provides a mechanism to communicate technical data in visual terms that are easier to understand than written text. Using three dimensions to visualize network topology is easier than using two dimensions. Most Tenable customers have routing networks that are sufficiently complex enough to clutter any 2D topology map. Using 3D provides a visual display of the network topology and events that is easier to understand and navigate interactively. The 3D Tool can be applied in a number of different ways depending on the requirements. The typical application is to install it on a desktop in a network that can access the SecurityCenter so the data can be updated. However, once the data is loaded on the 3D Tool desktop, it no longer needs this connectivity. This enables managers and technical staff to examine security data from remote locations. The 3D Tool is available to all SecurityCenter customers and can be obtained from the Tenable Support Portal. For more information, please refer to the following blog entry or contact Tenable Support. The 3D Tool is available for all major Windows releases and works on most hardware platforms, although increased memory and multi-cpu configurations will greatly improve performance. INSTALLING THE 3D TOOL 1. Download the setup executable from the Tenable Support Portal located at: https://support.tenablesecurity.com/support-center/. Confirm the integrity of the installation package by comparing the download md5 checksum with the one listed in the product release notes. 2. Run the installation program, named similar to 3D_Tool_2_x_x_x32.exe. 3. Click Next when prompted to install the Tenable 3D Tool v2 on your computer and click on Install to begin the installation. The executable will launch the installer, prompt for an installation location and create a Tenable Network Security program Copyright 2002-2011 Tenable Network Security, Inc. 1

group that contains a link to the 3D Tool application. No manual configuration is performed during the installation process. 4. Once installation is complete, the 3D Tool can be launched via a desktop shortcut or from the Tenable Network Security start menu. CONFIGURING THE 3D TOOL CONFIGURE SECURITYCENTER QUERIES Before launching the 3D Tool, one or more custom queries that are used by the 3D Tool must be created on the SecurityCenter to create one or more topologies. The queries can be based on either vulnerability or event data and must be based on either the Detailed Vulnerability List tool for vulnerability data or List of Events tool for event data or they will not display in the 3D Tool query dropdown. The query type must be Vulnerability, the analysis tool must be Detailed Vulnerability List, and there must be results from plugin 10287 (Traceroute). CONFIGURE A NEW TOPOLOGY Use the steps below to create and configure a new topology view: 1. Launch the 3D Tool interface by double-clicking on the desktop or start menu icon. Once launched, a screen similar to the one below is displayed. The top two configuration panes will automatically hide when not in use and can be displayed by clicking in the 3D Tool window towards the top of the visible area. The lower configuration pane contains several elements that can be used to assist with the configuration process. To the right of the configuration gear icon are two icons that determine whether the interface is displayed vertically or horizontally. Choose the display accordingly. Copyright 2002-2011 Tenable Network Security, Inc. 2

If a layout was previously created, click the arrow icon next to the save icon in the upper pane and choose the layout to use. Otherwise, click the gear icon start the configuration process. 2. Name the topology in the Title section as desired. 3. On first use,select the SC4 Query section to enter a SecurityCenter login and to gather data. to 4. Click the Manage Logins command button to enter a SC4 login that will be used to retrieve data. Complete all required fields similar to the screen capture below: A default login named Default Login will already exist. Double-click the name field to create your own login. Copyright 2002-2011 Tenable Network Security, Inc. 3

After clicking on Test Login for the first time, a certificate warning is displayed. Assuming you trust the remote host, click through the warning to perform the login. 5. Once the test login has been successfully performed, click Done to continue. The new login is now listed in the login dropdown box. If at any point you wish to view the certificate of the remote host after performing the first query, click View Cert to display the certificate of the remote host. 6. Click List Queries to retrieve a list of available queries from the remote SecurityCenter. The 3D Tool will now log into the SecurityCenter and retrieve a list of available queries. The query type must be Vunerability, the analysis tool must be Detailed Vulnerability List, and there must be results from plugin 10287 (Traceroute). 7. Once completed, the Queries dropdown will appear similar to the following: Copyright 2002-2011 Tenable Network Security, Inc. 4

Select the desired query and then click Query Now to continue. At this point you will be prompted to save a Compiled Chart File. Enter the desired name for this file that is saved for later reuse and then click Create. Depending on the number of available records, this process can take a long time to complete. 8. Allow the records to complete processing and populate your new topology. Depending on the number of records, this process can take anywhere from several minutes to over an hour. Allow adequate time for this process to complete. After the data has been retrieved, the topology screen is automatically populated, similar to the screen capture below: Copyright 2002-2011 Tenable Network Security, Inc. 5

9. Use your mouse s right/left buttons and scroll button to move or rotate the display as desired. In addition, the keyboard arrow buttons can be used to adjust the display. LOAD A SAVED TOPOLOGY Click the radio button titled Load one of these already compiled data sets. and use the dropdown to select the compiled data set. Then click Done to continue. ADDING A NEW MODIFIER Modifiers are options that can be applied to specialize or modify the topology display based on your unique needs. Host, connection and count display attributes can be modified using this tool. Use the steps below to add a modifier. 1. Click the Modifiers button at the top of the topology configuration screen below the title bar. A screen similar to the one below is displayed: Copyright 2002-2011 Tenable Network Security, Inc. 6

2. Click New to add a new modifier.there are three available modifier types: Node Traits List, Connections List and Counts List. The Node Traits List modifier allows you to adjust host attributes such as color, shape, icon and vertical offset. The Connections List modifier visually displays connections using lines of varying height and source/destination color for contrast. The Counts List modifier displays counts of vulnerability and/or events per host with a vertical bar. After selecting the desired modifier type, you are prompted to save a file that will contain the modifier definitions. Enter the desired name of this file and then click Create : Copyright 2002-2011 Tenable Network Security, Inc. 7

3. Highlight the modifier in the list and click Edit and then Configure to add attributes. 4. A screen similar to the following is displayed: Copyright 2002-2011 Tenable Network Security, Inc. 8

5. Use the login created during the initial topology creation. 6. Under Query Type choose Asset List. 7. Choose List Queries and then select the desired query. In our case, the query name was OS Windows. Then click Perform Query to pull the assets that match this query on the remote SecurityCenter. After clicking Perform Query, you will be prompted to choose from a repository on the remote host that contains the desired host data. Either select Use all repositories, or individually select the desired repository. 8. For Trait Select choose Icon and then choose the default Windows icon. Copyright 2002-2011 Tenable Network Security, Inc. 9

9. Click Done and a list of affected hosts is displayed. In addition to the display list, existing modifier lists can be updated by clicking on Update as shown in the screen capture below. Copyright 2002-2011 Tenable Network Security, Inc. 10

10. Click Done. This is just a small sampling of what the Tenable 3D Tool v2 is capable of accomplishing. For a more information about this tool, please refer to the 3D Tool User Guide. Copyright 2002-2011 Tenable Network Security, Inc. 11

ABOUT TENABLE NETWORK SECURITY Tenable Network Security, the leader in Unified Security Monitoring, is the source of the Nessus vulnerability scanner and the creator of enterprise-class, agentless solutions for the continuous monitoring of vulnerabilities, configuration weaknesses, data leakage, log management and compromise detection to help ensure network security and FDCC, FISMA, SANS CAG and PCI compliance. Tenable s award-winning products are utilized by many Global 2000 organizations and Government agencies to proactively minimize network risk. For more information, please visit http://www.tenable.com/. Tenable Network Security, Inc. 7063 Columbia Gateway Drive Suite 100 Columbia, MD 21046 410.872.0555 www.tenable.com Copyright 2002-2011 Tenable Network Security, Inc. 12

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information