Set up Tenable Core

You can do the initial configuration of Tenable Core from both the CLI and the Tenable Core user interface.

Using the Tenable Core user interface is mandatory to finish the configuration for virtual appliance deployments.

Note: If you do not complete the setup wizard in ~30 minutes, restart the appliance.

Initial Configuration via Tenable Core User Interface

To complete the initial configuration via the Tenable Core user interface (available on https://<mgmt-IP>:8000) you need a working network connection to the appliance.

If you have not configured the management IP address, you can use either a directly connected PC or an appropriately configured network to reach the Tenable Core user interface on either of the following:

  • System Port 1 — default management interface, pre-configured with IP address 192.168.1.5/24

  • System Port 4 — engineering interface, pre-configured with IP address 192.168.3.3/24. If not changed later, this can be used for recovery procedures.

To connect to Tenable Core directly via your PC or laptop:

  1. Connect an Ethernet cable between your PC and one of the pre-configured ports on the OT Security appliance.

  2. On Windows, use win+R to open Run and type ncpa.cpl to open Network Connections.

  3. Right-click on your network connection (named Local Area Connection) and select Properties.

    The Local Area Connection Properties window appears.

  4. Select Internet Protocol Version 4 (TCP/IPv4) and click Properties.

    The Internet Protocol Version 4 (TCP/IPv4) Properties window appears.

  5. Select Use the following IP address.

  6. In the IP address box, type an appropriate IP address for the interface you are connecting to. For example, 192.168.1.10 for the default address of System port 1 or 192.168.3.10 for the default address of System port 4.

  7. In the Subnet mask box, type 255.255.255.0.

  8. Click OK.

  9. From your Chrome browser, navigate to https://<mgmt-ip>:8000.

  10. If you have not yet configured the administrator user account, the system prompts you to do so now, then re-login with your newly created user. For more information, see Create an initial Administrator Account.

    After creating the administrator account, Tenable recommends that you configure the management IP address. If you intend to use the split-port configuration, make sure the interfaces can reach the appropriate networks. For more information, see Network Considerations.

    Note: To configure or change the management IP address, log in to Tenable Core and enable administrative access and edit the network configuration.

Initial Configuration via CLI (Optional)

To configure Tenable Core using CLI:

  1. Connect to the OT Security appliance using the serial console as described in Clean Install Tenable Core + OT Security.

  2. Log in with username wizard and password admin.

    The Network Manager terminal interface appears.

  3. (Optional) To configure the management IP address, type y.

    Note: If you choose to skip this step, you can always access this option using the sudo nmtui command.

    1. Select System Port 1 (or System Port 3 if using the split-port configuration).

    2. Press Enter.

      The Edit Connection window appears.

    3. In the IPV4 Configuration box, change the option from <Automatic> to <Manual>.

      Note:

      • On virtual machines and non-Tenable provided Hardware, Port 1 is preset to Automatic IPv4 configuration (DHCP).

      • On Tenable-provided appliances, Port 1 is preset to 192.168.1.5/24. You can use this port to set up and directly connect the appliance for initial configuration, then change it later via the Tenable Core UI Networking tab or the sudo nmtui command from the CLI.

    4. Navigate using the arrow keys and configure your required IP address, Default-Gateway, DNS Servers. You can change this configuration later.

    5. Using the down-arrow, navigate to the bottom of the screen and select <OK>.

      The Network Manager window appears.

  4. Select <Quit>.

    The Network Manager terminal window appears with the prompt to create an administrator account.

  5. Type y and follow the prompts to create an administrator account. Use this account only to log in to Tenable Core (terminal console, SSH, and the Tenable Core user interface). Use separate accounts for the OT Security application.

  6. After you create the account, access the terminal through the console or a network connection (SSH or the Tenable Core interface (https://<mgmt-IP>:8000)) to log in.

    On virtual machines and non-Tenable hardware, a prompt appears on the Tenable Core > OT Security page to install OT Security.

What to do next

Install OT Security on Tenable Core