Access Requirements

Your deployment must meet the following requirements.

Internet Requirements

You must have internet access to download Tenable Core files and perform online installs.

After you transfer a file to your machine, internet access requirements to deploy or update Tenable Core vary depending on your environment.

Note: You must reach appliance.cloud.tenable.com to install from the online ISOs (and to get online updates) and sensor.cloud.tenable.com to pick up scan jobs.

Environment Tenable Core Format Internet Requirement
Virtual Machine VMware .ova file Does not require internet access to deploy or update Tenable Core.
Hardware .iso image Requires internet access to install or update Tenable Core.

Tip: You do not need access to the internet when you install updates to via an offline .iso file. For more information, see Update Tenable Core Offline.

Port Requirements

Your Tenable Core deployment requires access to specific ports for inbound and outbound traffic. Tenable Security Center also requires application-specific port access. For more information, see Port Requirements in the Tenable Security Center User Guide.OT Security also requires application-specific port access. For more information, see Firewall Considerations.

Inbound Traffic

Allow inbound traffic to the following ports:

Note: Inbound traffic refers to traffic from users configuring Tenable Core.

Port Traffic
TCP 22 Inbound SSH connections.
TCP 443 Inbound communications to the OT Security interface.
TCP 8000

Inbound HTTPS communications to the Tenable Core interface.

Outbound Traffic

Allow outbound traffic to the following ports:

Port Traffic
TCP 22 Outbound SSH connections, including remote storage connections.
TCP 443 Outbound communications to the appliance.cloud.tenable.com and sensor.cloud.tenable.com servers for system updates.
UDP 53 Outbound DNS communications for OT Security and Tenable Core.