Tenable Nessus Scanner Hardware Requirements

Enterprise networks can vary in performance, capacity, protocols, and overall activity. Resource requirements to consider for Tenable Nessus deployments include raw network speed, the size of the network being monitored, and the Tenable Nessus configuration.

Tenable Nessus Scanners and Tenable Nessus Professional

The following table lists the hardware requirements for Tenable Nessus scanners and Tenable Nessus Professional.

Scenario

Minimum Recommended Hardware

Scanning up to 50,000 hosts per scan

CPU: 4 2GHz cores

Memory: 4 GB RAM (8 GB RAM recommended)

Disk space: 30 GB, not including space used by the host operating system

Note: Your usage (e.g., scan results, plugin updates, and logs) increases the amount of disk space needed over time.

Scanning more than 50,000 hosts per scan

CPU: 8 2GHz cores

Memory: 8 GB RAM (16 GB RAM recommended)

Disk space: 30 GB, not including space used by the host operating system

Note: Your usage (e.g., scan results, plugin updates, and logs) increases the amount of disk space needed over time.

Tenable Nessus Manager

The following table lists the hardware requirements for Tenable Nessus Manager.

Note: To view the hardware requirements for Nessus Manager clustering, see Clustering System Requirements.

Scenario

Minimum Recommended Hardware

Nessus Manager with 0-10,000 agents

CPU: 4 2GHz cores

Memory: 16 GB RAM

Disk space: 5 GB per 5,000 agents per concurrent scan

Note: Scan results and plugin updates require more disk space over time.

Nessus Manager with 10,001-20,000 agents

 

CPU: 8 2GHz cores

Memory: 32 GB RAM

Disk space: 5 GB per 5,000 agents per concurrent scan

Note: Scan results and plugin updates require more disk space over time.

Note: Engage with your Tenable representative for large deployments.

Virtual Machines

Tenable Nessus can be installed on a virtual machine that meets the same requirements. If your virtual machine is using Network Address Translation (NAT) to reach the network, many of the Tenable Nessus vulnerability checks, host enumeration, and operating system identification are negatively affected.

Note: Only one virtualized Tenable Nessus scanner can be run on any physical host. Tenable Nessus relies on low-level network operations and requires full access to the host's network interface controller (NIC). In a virtualization environment (e.g., Hyper-V, Docker), this can cause incorrect scanner behavior, or host instability, if more than one virtualized Tenable Nessus scanner attempts to share a single physical NIC.