Split Security Engine Node (SEN) Services
The standard architecture for the Tenable Identity Exposure on-premises platform uses three virtual machines (VMs) by default for the Storage Manager, Security Engine Node, and Directory Listener.
However, if the environment that you monitor has more than 150K users, you can split the Security Engine Node (SEN) over five different machines to improve performance.
The installation process installs the following Tenable Identity Exposure components:
| VM # | vCPU (per instance) |
Memory (per instance) |
Disk Space (per instance) |
Recommended Service | Service Description |
|---|---|---|---|---|---|
| 1 | 8 cores — at least 2.6 GHz | 16 GB of RAM | 1 TB | RabbitMQ | A message broker between services. |
| 2 | 8 cores — at least 2.6 GHz | 16 GB of RAM | 100 GB | Attack Path | Computes attack path relations and maintaining them over time. |
| 3 | 12 cores — at least 2.6 GHz | 32 GB of RAM | 300 GB | Cephei | Computes values for different analytics used for the Tenable Identity Exposure dashboards. |
| CetiBridge | Communication plugins and service in charge of communicating with the Active Directory. | ||||
| Electra | Manages web sockets to update information without reloading the user interface. | ||||
| Enif | Authenticates web users. | ||||
| Eridanis | Connects to the SQL Server; ensures the exactness of Tenable Identity Exposure's information. | ||||
| Eltanin | Sends data to the Tenable Cloud, if enabled in Tenable Identity Exposure. | ||||
| Health Check | Alerts configuration anomalies leading to connectivity or other issues in the infrastructure. | ||||
| Kapteyn | Runs in the end user's browser to show the user interface. | ||||
| 4 | 16 cores — at least 2.6 GHz | 16 GB of RAM | 100 GB | Cancri | Decodes raw information; fetches delta between events; computes event type. |
| EventLogsDecoder | Decodes information related to IOA events. | ||||
| 5 | 16 cores — at least 2.6 GHz | 32 GB of RAM | 100 GB | Cygni | Computes deviances and attacks. |
For more information, see Resource Sizing for requirements.
SEN Installation on Several Machines
To install the Security Engine Node on several machines, you select the services to install on each specific virtual machine.
Public Key Infrastructure (PKI) Certificate
To use peer verification, your PKI certificate must include the IP addresses or DNS of all the machines used to install Tenable Identity Exposure.
Example
The following example shows an installation of RabbitMQ and Attack Path on one virtual machine.
To install the RabbitMQ and Attack Path services on a VM:
See also
-
Resource Sizing for Security Engine Node
-
Install Tenable.ad