TOC & Recently Viewed

Recently Viewed Topics

Tenable.sc (Formerly SecurityCenter) Hardware Requirements

Tip: Tenable rebranded SecurityCenter as Tenable.sc. For more information, see the announcement.

Use the following physical hardware recommendations for Tenable.sc as a guide when preparing your environment. Tenable.sc is not supported in cloud-based environments.

Note: Tenable strongly discourages deploying Tenable.sc or Tenable CoreTenable.sc in an environment shared with other Tenable applications.

Storage Requirements

Tenable recommends installing Tenable.sc on direct-attached storage (DAS) devices (or storage area networks (SANs), if necessary) with a storage latency of 10 milliseconds or less.

Tenable does not support installing Tenable.sc on network-attached storage (NAS).

Disk Space Requirements

Enterprise networks can vary in performance, capacity, protocols, and overall activity. Resource requirements to consider for deployments include raw network speed, the size of the network being monitored, and the configuration of the application. Processors, memory, and network cards will be heavily based on the former. Disk space requirements will vary depending on usage based on the amount and length of time data is stored on the system.

An important consideration is that Tenable.sc can be configured to save a snapshot of vulnerability archives each day. In addition, the size of the vulnerability data stored by Tenable.sc depends on the number and types of vulnerabilities, not just the number of hosts. For example, 100 hosts with 100 vulnerabilities each could consume as much data as 1,000 hosts with 10 vulnerabilities each. In addition, the output for vulnerability check plugins that do directory listings, etc. is much larger than Open Port plugins from discovery scans.

For networks of 35,000 to 50,000 hosts, Tenable has encountered data sizes of up to 25 GB. That number is based on storage of 50,000 hosts and approximately 500 KB per host.

Additionally, during active scanning sessions, large scans and multiple smaller scans have been reported to consume as much as 150 GB of disk space as results are acquired. Once a scan has completed and its results are imported, that disk space is freed up.

Tenable.sc Full Safe + Local Checks

Version

# of Hosts Managed by Tenable.sc

CPU Cores

Memory

Disk Space used for Vulnerability Trending

5.x

2,500 active IPs

4 2GHz cores

8 GB RAM

90 days: 125 GB

180 days: 250 GB

10,000 active IPs

8 3GHz cores

16 GB RAM

90 days: 450 GB

180 days: 900 GB

25,000 active IPs

16 3GHz cores

32 GB RAM

90 days: 1.2 TB

180 days: 2.4 TB

100,000 active IPs

32 3GHz cores

64 GB RAM

90 days: 4.5 TB

180 days: 9 TB

Tenable.sc Full Safe + Local Checks + 1 Configuration Audit

Version

# of Hosts Managed by Tenable.sc

CPU Cores

Memory

Disk Space used for Vulnerability Trending

5.x

2,500 active IPs

4 2GHz cores

8 GB RAM

90 days: 225 GB

180 days: 450 GB

10,000 active IPs

8 3GHz cores

16 GB RAM

90 days: 900 GB

180 days: 1.8 TB

25,000 active IPs

16 3GHz cores

32 GB RAM

90 days: 2.25 TB

180 days: 4.5 TB

100,000 active IPs

32 3GHz cores

128 GB RAM

90 days: 9 TB

180 days: 18 TB

Disk Partition Requirements

Tenable.sc installs into /opt/sc. Tenable highly recommends that you create the /opt directory on a separate disk partition. If you want to increase performance, consider using two disks: one for the operating system and one for the system deployed to /opt.

If required disk space exists outside of the /opt file system, mount the desired target directory using the command mount –-bind <olddir> <newdir>. Make sure that the file system is automatically mounted on reboot by editing the /etc/fstab file appropriately.

Note: Tenable.sc does not support using symbolic links for /opt/sc/. You can use symbolic links within /opt/sc/ subdirectories if instructed by Tenable.sc documentation or Tenable Support.

Deploying Tenable.sc on a server configured with RAID disks can also dramatically boost performance.

Tip:Tenable does not require RAID disks for even our largest customers. However, in one instance, response times for queries with a faster RAID disk for a customer with more than 1 million managed vulnerabilities moved from a few seconds to less than a second.

Network Interface Requirements

Gigabit or faster network cards are recommended for use on the Tenable.sc server. This is to increase the overall performance of web sessions, emails, LCE queries, and other network activities.

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.