Adaptive Sensing Page

The Adaptive Sensing page lists all manual and scheduled adaptive sensing jobs. The Adaptive Sensing table shows the following information about adaptive sensing jobs:

  • Name - The name of the adaptive sensing job.
  • Description - The description of the adaptive sensing job.
  • Schedule - The type of schedule for the adaptive sensing job.
  • Status icon - The status of the adaptive sensing job (e.g. Pending, Running, Failed).
  • Last Modified - The date and time at which the adaptive sensing job was last modified.

The job can be either a Nessus Smart-Scan or a Device Inquiry. To use Adaptive Sensing, Tenable recommends taking a collection of assets initially identified passively and using Adaptive Sensing to flush out more details.


Adaptive Sensing Smart Scans

Adaptive Sensing Smart-Scans are used on assets identified via passive monitoring as IT assets. You can identify the IT assets and run a Nessus Smart-Scan against them to bring back more details. IT assets are assumed to be more robust, so running an active job against an IT type asset is a reasonable option to identify additional asset details. Smart-Scan or Nessus Smart-Scan refers to a Nessus configuration option to exclude OT devices from being scanned via Nessus. The Nessus scan profile used for the job launched from IS is a Host Discovery scan profile.

Device Inquiry

The Device Inquiry uses the Common Industrial Protocol (CIP) to request an ICS Device to provide identification type information. If the ISC Device that receives the CIP request can process the CIP request, the device responds with identification information that IS then loads into its data model.

For device inquiry to function properly, IS needs a writable network interface on the Process Control Network (PCN). You must configure any firewalls between the writeable network interface and the target being queried to accept inbound traffic for IS. For example, if CIP queries happen over port 44818, any intervening firewalls between IS and the PCN must permit port 44818.

Launch a Job

You can launch a manual job once on demand, or schedule a job to run in the future.

From the Adaptive Sensing page, you can: