Tenable OT Security 2025 版本说明

提示:您可以订阅以接收关于 Tenable 文档更新的提醒。

Tenable OT Security 4.1.38 (2025-02-20)

重叠 IP 地址支持

  • 在重用相同 IP 地址范围的网络中,OT Security 通过使用传感器进行区分,以防止意外的资产合并。

  • 重用 IP 范围的每个网络实例都需要专用的传感器。例如,具有相同 IP 配置的三条生产线需要三个独立的传感器,以确保区分每条生产线的资产。

    有关更多信息,请参阅“重复的内部网络”。

IEC 变电站可见性

  • 您现在可以导入变电站配置数据以增强资产清单,如此一来 OT Security 便能够针对变电站的错误配置提供关键安全见解。有关更多信息,请参阅“SCD 文件”。

改进的 Nessus VM 扫描控制

Tenable 现在在 OT Security 中为用户定义的 Nessus 扫描引入了以下新配置选项。创建扫描时,您可以调整其速度、详细程度和强度。有关更多信息,请参阅“Nessus 插件扫描”。

  • 全面测试

    • 执行扫描时,Nessus 可以对系统运行额外的深入检查。启用此选项可增强扫描的完整性,但同时也会增加扫描的持续时间。

    • 定期使用全面扫描有助于提升“AI Aware”功能在 OT Security 中的表现。

  • 更高的详细程度

    • 某些插件可以在扫描过程中生成数据更丰富的输出。但是,您必须启用此设置,插件才能在其输出中包含额外的数据。

    • 如果选中此选项,扫描输出将包括以下信息性插件:56310、64582 和 58651。

  • 扫描性能

    • Tenable 现在支持管理员自定义各个 Nessus 扫描的性能。这些设置包括同时针对一个目标评估的插件数量、并发扫描目标计数和超时秒数。

    • 降低最大检查数和最大主机数的值可以减少扫描的影响。然而,这也可能增加扫描的持续时间。

AI Aware 检测

Tenable 的新 AI 检测功能有助于您监控自己的人工智能应用程序和服务。OT Security 会从授权扫描中获取数据,然后在“发现结果”或“漏洞”工作台上显示这些数据。

合规性仪表盘:NERC-CIP 支持

合规性仪表盘现在支持映射 NERC CIP 中可通过 OT Security 检测的控制措施。

Enterprise Manager:集中更新

OT Security EM 4.1 版本开始,系统管理员可以将其配对的 ICP(运行 4.0 或更高版本)远程升级到与 EM 相同的版本。有关更多信息,请参阅“ICP 更新”。

虽然此功能是在 OT Security 4.0 中引入的,但从版本 4.1 开始才可以使用。

重要:为使 EM 集中式更新生效,ICP 必须能够在端口 28305 和 8000 (TCP) 上访问 EM。

发现结果的 CVSSv3 分数:发现结果和漏洞表现在新增一个额外的 CVSSv3 列。

清单的“全选”功能:“全选”复选框已在“清单”页面中恢复,以便用户更方面地进行多选。

传感器主动查询 — 批量配置:您现在可以批量选择并启用或禁用传感器的主动查询行为。

网络端口配置:通过 Tenable Core Cockpit 接口在端口 8000 上配置网络端口。您现在可以在应用程序外部查看和配置每个网络接口的角色。例如:启用拆分端口。

漏洞

Tenable 会识别此版本中的多个新漏洞。请在此处查看完整列表。

新的 Tenable OT Security 设备指纹引擎 (DFE) 覆盖范围

供应商 产品
Moxa MGate 5000 系列
Sprecher Automation RTU
Elspec G5 数字故障记录仪
Wiesemann & Theis ComServer
Honeywell Experion C300PM、C300OM
Wago 控制器 750、PFC

有关 OT Security API 的更多信息,请参阅“API 文档”。

复制 
Field ntpChange was removed from object type FlagList
 Field ntpFault was removed from object type FlagList
 Field ntpServersUnreachable was removed from object type FlagList
 Field emSetSystemTime was removed from object type Mutation
 Argument keepNetworkConfig: Boolean! was removed from field Mutation.factoryReset
 Field setSystemTime was removed from object type Mutation
 Input field origins of type [String!] was added to input object type AssetDiscoveryOptionsParams
 Enum value Scd was added to enum AssetSourceType
 Enum value AlreadyExists was added to enum ErrorCategory
 Enum value ContentTooBig was added to enum ErrorCategory
 Enum value FailedToAllocateOverlapping was added to enum ErrorCategory
 Enum value NotContainingAnyAssets was added to enum ErrorCategory
 Enum value OverlappingNetsAlreadyInOrigin was added to enum ErrorCategory
 Enum value Processing was added to enum ErrorCategory
 Member IEC61850SubscribeFailure was added to Union type EventDetails
 Member IEC61850UnauthorizedWrite was added to Union type EventDetails
 Enum value IEC61850 was added to enum ExclusionType
 Enum value IEC61850SubscriptionFailure was added to enum IDSSrcDstEvent
 Enum value IEC61850UnauthorizedWrite was added to enum IDSSrcDstEvent
 Enum value awaitingFirstUse was added to enum IcpSensorField
 Enum value origin was added to enum IcpSensorField
 Argument origins: [String!] added to field Mutation.editNessusUserScan
 Argument settings: NessusUserScanSettingsArgs added to field Mutation.editNessusUserScan
 Argument origin: ID added to field Mutation.editSensor
 Argument origins: [String!] added to field Mutation.newNessusUserScan
 Argument settings: NessusUserScanSettingsArgs added to field Mutation.newNessusUserScan
 Argument origin: String added to field Mutation.testAdHocBasicCredentials
 Argument origin: String added to field Mutation.testAdHocPasswordOnlyCredentials
 Argument origin: String added to field Mutation.testAdHocSnmpV2Credentials
 Argument origin: String added to field Mutation.testAdHocSnmpV3Credentials
 Argument origin: String added to field Mutation.testCredentials
 Enum value cvss3Score was added to enum PluginField
 Enum value cvss3Score was added to enum PluginsAssetsField
 Enum value IEC61850SubscriptionFailure was added to enum PolicyEventType
 Enum value IEC61850UnauthorizedWrite was added to enum PolicyEventType
 Argument origins: [String!] added to field Query.getDiscoveryEstimation
 Argument dbOnly: Boolean added to field Query.nessusUserScan
 Argument dbOnly: Boolean added to field Query.nessusUserScans
 Enum value SensorAwaitingFirstUse was added to enum RemovableFlags
 Enum value pluginCvss3Score was added to enum findingField
Field origins was added to object type AssetDiscovery
Field scdSubscriptionsRecoByIedCsvIsRunning was added to object type FlagList
Field scdSubscriptionsRecoCsvIsRunning was added to object type FlagList
Field sensorAwaitingFirstUse was added to object type FlagList
Type IEC61850Exclusion was added
Type IEC61850SubscribeFailure was added
Type IEC61850UnauthorizedWrite was added
Type IcpUpdateStatus was added
Type IecReportClient was added
Type IecReportClientConnection was added
Type IecReportClientEdge was added
Field bulkEditSensorActive was added to object type Mutation
Field createOrigin was added to object type Mutation
Field deleteOrigin was added to object type Mutation
Field deleteOverlappingNetworks was added to object type Mutation
Field newIEC61850Exclusion was added to object type Mutation
Field scdMisconfigRecommendationByIedCsv was added to object type Mutation
Field scdMisconfigRecommendationCsv was added to object type Mutation
Field scdSubscriptionsRecommendationByIedCsv was added to object type Mutation
Field scdSubscriptionsRecommendationCsv was added to object type Mutation
Field updateOverlappingNetworks was added to object type Mutation
Field updateOverlappingPool was added to object type Mutation
Field origins was added to object type NessusUserScan
Field settings was added to object type NessusUserScan
Type NessusUserScanSettings was added
Type NessusUserScanSettingsArgs was added
Type NetworkUpdateInput was added
Type Origin was added
Type OriginConnection was added
Type OriginEdge was added
Field cvss3Score was added to object type Plugin
Field iecCanUploadScd was added to object type Query
Field iecReportsByAssetId was added to object type Query
Field iecScdsInfo was added to object type Query
Field isAssetIec was added to object type Query
Field origin was added to object type Query
Field origins was added to object type Query
Field overlappingPool was added to object type Query
Field scdRecommendationsCount was added to object type Query
Field scdRecommendationsCountByIed was added to object type Query
Field itemsCount was added to object type RuleGroup
Type ScdInfo was added
Type ScdInfoConnection was added
Type ScdInfoEdge was added
Type ScdRecommendations was added
Type SensorActiveAction was added
Field origin was added to object type SensorDetails
Field updateStatus was added to object type Update
Type thoroughTestsType was added
Type verbosityType was added

文件名和 MD5 或 SHA-256 校验和已发布在“OT Security 下载”页面。