TOC & Recently Viewed

Recently Viewed Topics

Access Requirements

Your Tenable.io on-prem deployment must meet the following internet, network, and port requirements.

Internet Requirements

Your Tenable.io on-prem deployment requires access to the internet, with or without going through a proxy server. On-prem performs best with network speeds of 100 Mbps or above.

For more information about proxy use, see Proxy Configuration.

Network Requirements

Your Tenable.io on-prem deployment reserves 10.96.0.0/20 and 10.32.0.0/20 for its internal networks. If you want a device to communicate with on-prem, you must place the device outside the 10.96.0.0/20 and 10.32.0.0/20 IP address blocks.

Port Requirements

Your Tenable.io on-prem deployment requires access to specific ports for inbound and outbound traffic.

Inbound Traffic

You must allow inbound traffic to the following ports:

Port Traffic
22 All SSH connections.
443

The Tenable.io interface and NNM, Nessus scanner, Nessus agent, and Tenable Core for Web Application Scanning scanner connections.

3000 The Grafana interface, if enabled.
8000 The Tenable.io on-prem configuration interface.
8900 The Kibana interface, if enabled.

Outbound Traffic

You must allow outbound traffic to the following ports:

Port Traffic
22 All SSH connections.
443 The appliance.cloud.tenable.com server (for system updates) and the plugins.nessus.org server (for activation and plugin updates).
UDP 123 All NTP communications.

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.