FAQ

Are agents or network-based scans easier to run?

The ease or difficulty of each scanning method depends on your environment and your organizational needs.

Consider the following questions:

  • Is it possible to install a Tenable Nessus scanner and possibly a Tenable Network Monitor in every network segment?
  • Would it be easier to install fewer Tenable Nessus Managers (for example, one or three) and allow the agents to report back in across network hops and firewalls?
  • Are all your systems online, connected, and reporting back full results during your scan windows?
  • Are all systems that sleep configured correctly, and do they respond appropriately to Wake-on-LAN?
  • Do you spend time trying to keep track of or obtain the current credentials for many systems?
  • Does your network include laptops that work remotely and that you cannot scan with credentials through a VPN or when they are not connected directly to the organization's network?

What plugins work with agents / credentialed scans?

Note: The Tenable Research team is constantly adding and updating plugins. For a comprehensive list of plugins, see https://www.tenable.com/plugins.

Most plugins work with Tenable Agents. The exceptions include: 

  • Plugins that work based on remotely disclosed information or that detect activity performed through remote connectivity, such as logging into a DB server, trying default credentials (brute force), or traffic-related enumeration.
  • Plugins related to network checks.

There are also cases where the intent of the checks overlaps. For example, a network-based scan may use OS fingerprinting without credentials, while a credentialed scan queries the system for the exact version of its OS. In that case, the credentialed finding takes precedence over the network-based one, since the network version tends to be a best guess.

What data does an agent send to Tenable Vulnerability Management / Tenable Nessus Manager?

Agents send the following data to Tenable Vulnerability Management/Tenable Nessus Manager:

  • Version information (agent version, host architecture)

  • Versions of installed Tenable plugins

  • OS information (for example, Microsoft Windows Server 2019 Enterprise Service Pack 1)

  • Tenable asset IDs (for example, /etc/tenable_tag on Unix, HKEY_LOCAL_MACHINE\SOFTWARE\Tenable\TAG on Windows)

  • Network interface information (network interface names, MAC addresses, IPv4 and IPv6 addresses, hostnames and DNS information if available)

  • Hostname if update_hostname is set to yes (see Advanced Settings for more information)

  • AWS EC2 instance metadata, if available:

    • privateIp

    • accountId

    • imageId

    • region

    • instanceType

    • availabilityZone

    • architecture

    • instanceId

    • local-hostname

    • public-hostname

    • public-ipv4

    • mac

    • iam/security-credentials/

    • public-keys/0/openssh-key

    • security-groups