Tenable Sensor Proxy

Software Requirements

Supported operating systems:
- Oracle Linux 8 and 9
- Red Hat Enterprise 8 and 9
- Tenable Core
Set up Tenable Sensor Proxy on your network where sensors can reach it internally and where Tenable Sensor Proxy can reach Tenable Vulnerability Management or Tenable Security Center directly with outbound traffic.

Note: Tenable Sensor Proxy does not support content delivery network (CDN)-based scan reports from Tenable Agents.

Hardware Requirements

Scenario	Minimum Recommended Hardware
Tenable Sensor Proxy with up to 50,000 sensors connected to Tenable Vulnerability Management	CPU — 4 2GHz cores Memory — 8 GB RAM Disk space — 100 GB
Tenable Sensor Proxy with more than 50,000 sensors connected to Tenable Vulnerability Management Note: Each instance of Tenable Sensor Proxy can support up to 100,000 linked sensors.	CPU — 4 2GHz cores Memory — 16 GB RAM Disk space — 100 GB
Tenable Sensor Proxy with up to 250 Tenable Web App Scanning scanners connected to Tenable Security Center	CPU — 4 2GHz cores Memory — 16 GB RAM Disk space — 100 GB

Scenario

Minimum Recommended Hardware

Tenable Sensor Proxy with up to 50,000 sensors connected to Tenable Vulnerability Management

CPU — 4 2GHz cores

Memory — 8 GB RAM

Disk space — 100 GB

Tenable Sensor Proxy with more than 50,000 sensors connected to Tenable Vulnerability Management

Note: Each instance of Tenable Sensor Proxy can support up to 100,000 linked sensors.

CPU — 4 2GHz cores

Memory — 16 GB RAM

Disk space — 100 GB

Tenable Sensor Proxy with up to 250 Tenable Web App Scanning scanners connected to Tenable Security Center

CPU — 4 2GHz cores

Memory — 16 GB RAM

Disk space — 100 GB

Note: Heavy usage of Tenable Sensor Proxy can cause the NGINX access log to grow substantially. Tenable recommends setting up log rotation to prevent running out of disk space.

Port Requirements

Sensor Proxy requires access to specific ports for inbound and outbound traffic.

Inbound Traffic

You must allow inbound traffic to the following ports.

Port	Traffic
TCP 22	Provides administrative SSH access for OS-level maintenance.
TCP 443	Communication to Sensor Proxy from Tenable sensors.

Outbound Traffic

You must allow outbound traffic to the following ports.

Port	Traffic
TCP 8837	Communication from Sensor Proxy to Tenable Security Center.
TCP 443	Communication from Sensor Proxy to Tenable Vulnerability Management.

Tenable Products

You must have a Tenable Vulnerability Management account or a Tenable Security Center account.
For Tenable Vulnerability Management, you must have Tenable Agents or Tenable Nessus scanners. For Tenable Security Center, you must have Tenable Web App Scanning scanners.