Hi Sutapa,

A lot of what you are asking for is out of scope for a network vulnerability scanner, and more in-scope of a vulnerability management system like the Security Center.

Having said that:

- NessusClient 3.2.1 has a new filtering mechanism to help filter data in your scan results.

- Reports based on OS/function/designation can be accomplished with the Security Center. In some cases, the Security Center can dynamically produce a list of assets based on some quality (OS fingerprint, registry settings, etc.) or based simply on asset lists that you upload. You can even do things like create an automatic list of hosts that share PDF/Word docs. Below are some blog entries on how the technologies work:

  http://blog.tenablesecurity.com/2007/03/using_manufactu.html
  http://blog.tenablesecurity.com/2007/12/order-from-chao.html
  http://blog.tenablesecurity.com/2007/01/enumerating_cor.html

- As far as reading through the lengthy reports, there are many approaches to performing vulnerability audits. With the new client, you can start with filtering on hosts that have high level vulnerabilities. We've written a variety of blog entries on various approaches you can use as an IT auditor, consultant, penetration tester and so on at blog.tenablesecurity.com.

- SOX compliance is a relative procedure from customer to customer based on their IT policies and other compensating controls. For example, a customer may choose to patch all of their network every 90 days because they have lots of firewalls, NIDS, host based IDS and other types of security. In this case, they'd use Nessus to look for systems not being patched within 90 days because it is against their policy. Other customers, as part of their IT controls, want a specific configuration for each system. They use the tools available with the Direct Feed to build audit policies for configuration checks and then perform these scans with Nessus.

Ron Gula
Tenable Network Security

Dey, Sutapa wrote:
> Hi All,
>
> Please clear some of my doubts on Nessus as below:
>
> 1. If I run a scan for a large number of boxes in the network (say 500), it
> will generate a large report. Is there any way to drill down that complex
> report depending on some specifications say:
>
> a. How many Operating Systems - HP-UX, Linux, Windows scanned?
> b. How many Routers scanned?
> c. How many Switches scanned?
> d. How many Bridges scanned?
> e. How many Desktops scanned?
> f. How many Firewalls scanned?
> g. How many Servers scanned?
>
> I know Nessus gives reports only based on the IP(s) given for scanning. Is
> there any utility which can give the numbers as I specified above of these
> network elements and others?
>
> 2. Is there any documentation available describing how to read through the
> lengthy reports?
>
> 3. Can I implement SOX Compliance using Nessus? If so, how or rather what is
> the procedure?
>
> Please let me know as soon as possible as this is urgent.
>
> Thanks in advance. :)
>
> Regards,
> Sutapa
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Nessus mailing list
> [email protected]
> http://mail.nessus.org/mailman/listinfo/nessus
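The drill-down Sutapa asks for and the "start with the high-level vulnerabilities" filter Ron mentions, as an added example that is not part of the thread and not Tenable code: the script parses a constructed scan report laid out in the shape of the .nessus XML export, counts scanned hosts per OS family from the OS fingerprint, and lists the hosts that carry at least one high-severity finding. The element names follow the later NessusClientData_v2 export (assumption: the 3.2.1 client's own output may use different names), the sample data and the OS-family substring heuristics are the example's own, and the Cisco IOS to "network device" mapping stands in for the asset classification the reply points to Security Center for.

```python
"""Drill a Nessus-style scan report down by host OS and by severity.

Added example for this thread; not Tenable code and not NessusClient's
filter. SAMPLE_REPORT is constructed data in the shape of the .nessus
export (NessusClientData_v2): one ReportHost per scanned address, a
HostProperties "operating-system" tag from the OS fingerprint, and one
ReportItem per finding with severity 0 (info) to 4 (critical).
"""
import xml.etree.ElementTree as ET
from collections import Counter

SAMPLE_REPORT = """<?xml version="1.0" ?>
<NessusClientData_v2>
<Report name="constructed-sample">
  <ReportHost name="10.0.0.10">
    <HostProperties>
      <tag name="operating-system">Linux Kernel 2.6 on Red Hat Enterprise Linux 5</tag>
    </HostProperties>
    <ReportItem port="22" protocol="tcp" severity="0" pluginName="constructed info finding"/>
    <ReportItem port="80" protocol="tcp" severity="3" pluginName="constructed high finding"/>
  </ReportHost>
  <ReportHost name="10.0.0.11">
    <HostProperties>
      <tag name="operating-system">Microsoft Windows Server 2003</tag>
    </HostProperties>
    <ReportItem port="445" protocol="tcp" severity="2" pluginName="constructed medium finding"/>
  </ReportHost>
  <ReportHost name="10.0.0.12">
    <HostProperties>
      <tag name="operating-system">HP-UX 11.11</tag>
    </HostProperties>
    <ReportItem port="111" protocol="tcp" severity="4" pluginName="constructed critical finding"/>
  </ReportHost>
  <ReportHost name="10.0.0.13">
    <HostProperties>
      <tag name="operating-system">Cisco IOS 12.4</tag>
    </HostProperties>
    <ReportItem port="23" protocol="tcp" severity="1" pluginName="constructed low finding"/>
  </ReportHost>
  <ReportHost name="10.0.0.14">
    <HostProperties/>
    <ReportItem port="0" protocol="tcp" severity="0" pluginName="constructed info finding"/>
  </ReportHost>
</Report>
</NessusClientData_v2>
"""

# Substring heuristics over the fingerprint text. Labels and the
# Cisco IOS -> "network device" mapping are this example's assumptions.
OS_FAMILIES = (
    ("hp-ux", "HP-UX"),
    ("windows", "Windows"),
    ("linux", "Linux"),
    ("cisco ios", "Network device (Cisco IOS)"),
)
UNKNOWN = "Unknown / not fingerprinted"


def classify_os(fingerprint):
    """Map a free-text OS fingerprint to a coarse family label."""
    text = (fingerprint or "").lower()
    for needle, family in OS_FAMILIES:
        if needle in text:
            return family
    return UNKNOWN


def parse_report(xml_text):
    """One dict per ReportHost: address, OS family, finding count, max severity."""
    root = ET.fromstring(xml_text)
    hosts = []
    for rh in root.iter("ReportHost"):
        os_tag = rh.find("HostProperties/tag[@name='operating-system']")
        severities = [int(item.get("severity", "0")) for item in rh.findall("ReportItem")]
        hosts.append({
            "address": rh.get("name"),
            "os_family": classify_os(os_tag.text if os_tag is not None else None),
            "findings": len(severities),
            "max_severity": max(severities, default=0),
        })
    return hosts


def count_by_os(hosts):
    """Answer 'how many Linux / Windows / HP-UX boxes were scanned?'."""
    return Counter(h["os_family"] for h in hosts)


def hosts_with_high_severity(hosts, threshold=3):
    """Hosts with at least one finding at or above the threshold severity."""
    return sorted(h["address"] for h in hosts if h["max_severity"] >= threshold)


if __name__ == "__main__":
    parsed = parse_report(SAMPLE_REPORT)
    for family, n in sorted(count_by_os(parsed).items()):
        print(f"{n:3d}  {family}")
    print("hosts with severity >= 3:", hosts_with_high_severity(parsed))
```

Run it against a real export by reading the file instead of SAMPLE_REPORT; the two functions at the end are the ones to extend, for instance with a per-family breakdown of maximum severity so a 500-host report reduces to a handful of rows before anyone opens the full finding list.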
