BigFix Insights for Vulnerability Remediation 4.1.0 is Available Now!

ADL · January 17, 2025, 11:24am

Release Summary

Features and Enhancements for Tenable Vulnerability Management Integration

Added support of Tenable Security Center (formerly known as Tenable.sc) on the new IVR v.4 architecture
Tenable.sc Multi Instance support

Summary

We are happy to announce the release of BigFix Insights for Vulnerability Remediation (IVR) 4.1.0 for our customers using Tenable Security Center (formerly known as Tenable.sc)

The new IVR v.4 architecture is now able to directly integrate and load Vulnerability information from Tenable Security Center via API calls
IVR v.4 supports direct integration with multiple different instances of Tenable Security center. The data coming from the different instances of Tenable.sc are collected into the IVR database and correlated with BigFix content and devices, to identify the remediation content that must be deployed
The new integration with Tenable Security Center leverages of all the enhancements of the IVR v.4 architecture, as:
- More accurate, effective and faster device correlation logic, that is based on IDs that guarantee much more reliability on the final correlation results.
- More reliable and more accurate logic for the correlation between the Tenable findings and the BigFix remediation content, based on additional metadata available in the Tenable data flow
- Reduced infrastructure requirements (in terms of computational resources, server configuration and time to process the data)

The goal of IVR remains the same, to help align Security and Operations teams with intelligent patching prioritization and automated remediation, reduce the time between vulnerability discovery and remediation, and greatly reduce risk by reducing the vulnerable attack surface.

Resources

Documentation - BigFix Insights for Vulnerability Remediation (IVR) v.4

Site Versions

Site Type	Name	Version
Fixlet Site	BigFix Insights for Vulnerability Remediation	36
WebUI Site	WebUI IVR	17

atlauren · January 17, 2025, 5:20pm

Wonderful! We’ve been looking forward to support for .SC.

atlauren · January 22, 2025, 12:53am

A few points of clarification:

Which component uses the certificate? Is this for the WebUI application to access the IVR Retriever Service?
Must the IVR Retriever Service be isolated to its own server? Can be colocated on the WebUI machine, or another BF-affiliated Windows server?
Similarly, must the IVR DB be on an isolated SQL Server? Can it be a shared DB resource? (Can it be the same DB server that hosts BESEnterprise?)

Thank you!

gus · January 22, 2025, 6:44pm

Hi @atlauren,

The certificate is used by the “BES IVR Retriever Service”. Yes, the WebUI application will typically access the application on port 9011 with the configured certificate.

The “BES IVR Retriever Service” can be isolated or colocated. If it is colocated with the WebUI server, it may alleviate some issues / concerns with regards to firewall ports / connectivity issues.

The BES IVR Retriever database can be configured on an isolated SQL Server or colocated / shared database server.

Thanks, Gus

julius.susmina · May 14, 2025, 7:09pm

Is the new version supports TLS 1.2?

ADL · May 15, 2025, 9:51am

Hi Julius,

IVR v. 4.1.0 supports TLS 1.0, 1.1, 1.2 and 1.3

julius.susmina · May 15, 2025, 1:46pm

Hello Alessandro,

Can we disable TLS 1 and 1.1? And just use TLS 1.2.

Thanks.

Regards,

Julius

ADL · May 16, 2025, 7:17am

Hi Julius,

unfortunately we don’t have a setting to disable TLS 1.1 and previous version.
However, we are going to release in the upcoming days version 4.1.1 of IVR, where only TLS 1.2 and 1.3 are supported.

julius.susmina · May 16, 2025, 12:53pm

Noted. Thank you. What date next week are we looking at to publish the version update?

julius.susmina · May 16, 2025, 2:04pm

I think the IVR update is now out. @ADL

ADL · May 16, 2025, 6:12pm

Yes, I just posted the anouncement. v.4.1.1 resolve your TLS issue.