Source: Tenable
This article provides information about an upcoming feed freeze for older versions of Nessus.
On April 30, 2021, Nessus versions (including Nessus Professional and managed scanners) below 8.5.2 will reach End of Standard Support (EoSS). On May 3rd, 2021, we will be freezing the plugin feed for these scanners. Any customers running Nessus Professional, Tenable.io or Tenable.sc 5.17 or older with managed scanners below 8.5.2 will still be able to run scans, but will not receive plugin updates. Tenable.sc customers who plan to upgrade to 5.18 or above will be required to at least have 8.5.2 for their managed scanners.
Nessus versions 6.x < 6.x.x, 7.x < 7.x.x, and 8.x < 8.5.2 have a plugin database (DB) size limit of 2GB. To avoid reaching this limit before May 3rd, 2021, we may deprecate certain plugins from the feed. Newer versions do not have this limitation. We strongly encourage users to upgrade their Nessus scanners to version 8.5.2 or later to continue receiving new plugin updates. Note: The feed freeze was originally scheduled to occur on May 1st, 2021. As May 1st falls on a Saturday, it was decided to delay the feed freeze until the following Monday. This decision does not impact the April 30th EoSS event.
What To Expect
On May 3rd, 2021, customers using Nessus scanners v8.5.1 and earlier (including Nessus Professional and managed scanners) will not receive any new plugin updates. Please see each product category below for specific product implications for plugins and scanners around this change.
Product Impact
Nessus Professional Customers using version 8.5.2 and higher will not be impacted. Customers using versions lower than 8.5.2 will be able to scan but will not receive new plugins.
Tenable.io Nessus scanners managed via Tenable.io are automatically updated, unless they have disabled such updates. Any Tenable.io customers that have managed scanners with automatic updates disabled and scanners on Nessus 8.5.1 or lower will receive the frozen plugin feed starting May 3rd, 2021.
Tenable.sc For Customers on Tenable.sc 5.18 and above:
Customers with managed scanners with versions 8.5.2 and above will continue to receive plugin updates and scan as usual.
Customers with managed scanners with versions 8.5.1 and below will no longer be able to scan with those scanners. All scanners 8.5.1 and earlier will need to be upgraded to versions 8.5.2 or later.
For Customers on Tenable.sc 5.17 and Below:
Customers with managed scanners with versions 8.5.2 and above will continue to receive plugin updates and scan as usual.
Customers with ONLY managed scanners with versions 8.5.1 and below will continue to be able to scan but with a frozen plugin feed.
Customers with a mix of managed scanners with versions above and below 8.5.2 will continue to be able to scan using all their scanners. Because scanners 8.5.1 and below will be using a different set of plugins than those greater than 8.5.1, there is a risk of 'vulnerability flapping'. Vulnerability flapping is when a vulnerability will appear mitigated in one scan, but then reappear in a subsequent scan. This can occur if scanners with different plugin sets are scanning the same host across different scans. Only version 8.5.2 and above would continue to get the full plugin set. In May 2022, once the Final plugin feed stage is reached - all Nessus scanners 8.5.1 and below will fail due to exceeding the maximum plugin set size of over 2GB.
Comments