Nessus is used in more than 75000 organizations around the globe and it is considered to be one of the world’s most popular vulnerability scanners (Ferguson, n.d). However, the third version i.e. version 3 has now been converted to a proprietary license, as the scanning engine is still free and updates are also available after a week on a release. When Nessus is incorporated in a large enterprise, most probably, a government organization such as department of defense (DOD) WAN networks, it will initiate a port scan and target the defined host or a network. After opening the port, it examines all the services that are running on the system or network and test all the detected services against vulnerabilities defined in Nessus vulnerability database (Kim, n.d).
As this tool can develop a testing platform for network resilience, the report generation is very comprehensive that is ideal for large enterprises. As it is an easy remote based vulnerability analysis tool, it can be best suited for large enterprises that are geographically dispersed in more than one continent (Kim, n.d). Moreover, in an ideal scenario, corporate network for large organizations contain many client/server architectures, Nessus will detect the clients and the server automatically when connected to the specific network on a specific location (Kim, n.d). Network security professionals of the large enterprise can customize plugins, as per their requirements, as the tool has its own scripting language for defining methods to test and identify network for vulnerabilities (Kim, n.d). The tool will penetrate within the corporate network and start scanning anonymous File Transfer Protocol (FTP) and for the client/server architecture, secure socket Layer (SSL) will provide additional layer of security for report results. However, for false positive detection, a validity check is required on the reports from Nessus displaying vulnerabilities found. This process is time consuming and complex. Moreover, Nessus tool can also crash routers, firewalls, switches or another network resource on the network. For addressing this issue, plugins must be tested prior to deployment. Even tough, prevention of the crash of network resources and devices is not guaranteed.
Ferguson, n.d, B.CompTIA network+ review guide: Exam: N10-005. Sybex.
Kim, n.d, C. L.Fundamentals of network security firewalls & VPNs Jones & Bartlett Publishers.