Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

IoT Device Summary

by Stephanie Dunn
July 20, 2017

IoT Device Summary Screenshot

Despite lacking basic security features, devices that belong to the Internet of Things (IoT) are becoming increasingly present in enterprise settings. Without careful monitoring, IoT devices could be exploited by attackers seeking to infiltrate the organization. The IoT Device Summary dashboard presents important insight into the presence of IoT devices on the network by leveraging data from Tenable sensors.

In 2013, the Global Standards Initiative on Internet of Things (IoT-GSI) defined the IoT as “a global infrastructure for the information society, enabling advanced services by interconnecting (physical and virtual) things based on existing and evolving interoperable information and communication technologies.” IoT is seen in the consumer space as recently internet-enabled devices (appliances or electronics). In the commercial space, IoT devices are often related to security, such as cameras or door locks.

The IoT Device Summary dashboard highlights information useful to security teams looking to secure a network with IoT devices connected. A matrix component indicates the detection of a camera or video device from an Open Network Video Interface Forum (ONVIF) vendor. A bar chart tracks network port usage and two tables list the IP addresses with the most internal and external connections. A filter for a specific subnet, IP address list, or static asset could be added to focus the bar chart and tables on the IoT devices connected to the network.

This dashboard is available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. The dashboard can be easily located in the Tenable.sc Feed under the category Monitoring. The dashboard requirements are:

  • SecurityCenter 5.4.3
  • Nessus 8.4.0
  • Nessus Network Monitor 5.8.1

Tenable.sc Continuous View (CV) is the market-defining continuous network monitoring solution and can assist in securing an organization’s internal network by effectively responding to intrusions and attacks. Tenable.sc CV is continuously updated with information about advanced threats, zero-day vulnerabilities, and new regulatory compliance data. Active scanning periodically examines systems to determine vulnerabilities and compliance concerns. Agent scanning enables scanning and detection of vulnerabilities on transient and isolated devices. Passive listening provides real-time discovery of vulnerabilities on operating systems, protocols, network services, wireless devices, web applications, and critical infrastructure. Host data and data from other security products are analyzed to monitor the network for malware, intrusions, and other forms of malicious activity. Tenable.sc CV provides an organization with the most comprehensive view of the network and intelligence needed to support proactive intrusion prevention efforts.

The following components are included within this dashboard

  • IoT Summary – IoT Camera Vendors: This matrix presents an overview of IoT-based network camera devices by vendor. Each vendor listed includes network or IP-based cameras that are supported by the Open Network Video Interface Forum (ONVIF). ONVIF is an organization that supports the development of a global standard for IP-based security devices. An indicator will turn purple when a specific device has been detected. The analyst can click on the highlighted indicator, and drill down to obtain additional information on the detected device.    
  • Network Services Summary - Listening and Active Port Connections: This bar chart presents the top 10 ports detected on hosts that are listening or have active port connections. Nessus provides several plugins that leverage the “Netstat” command to determine all listening and enabled connections on hosts. This component can be modified to include specific port connections per organizational requirements. 
  • Network Mapping - Top Hosts with Most Internal External Connections: This table presents information on those hosts with the most passively detected internal connections to other hosts (Internal Client Trusted Connection). The table is sorted so that the host with the highest count of detections is at the top. This information can assist an organization in understanding who is talking to whom, as well as detecting any unauthorized or suspicious host connections.   
  • Network Mapping - Top Hosts with Most Outbound External Connections: This table presents information on those hosts with the most passively detected outbound external connections. The table is sorted so that the host with the highest count of detections is at the top. This information can assist an organization in understanding who is talking to whom, as well as detecting any unauthorized or suspicious host connections.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training