TOC & Recently Viewed

Recently Viewed Topics

Basic Configuration

The Basic Configuration section comprises the essential configuration needed for an LCE server to function. The items in this section are addressed in the initial Quick Setup, but can be changed in this section at a later time if the need arises.

Each menu option for the Basic section is covered in detail below.

Option Description

Server Address

The IP address of the network interface(s) that the LCE server listens on. More than one interface may be specified on separate lines:

 

127.0.0.1

172.0.0.2

 

By default, or if left blank the above LCE services will listen on all available network addresses.

LCE Client Port

The port number that the LCE server listens on. By default, port 31300.

UDP Syslog Port

By default, the LCE server listens for UDP syslog traffic on port 514. If the environment requires the LCE server to listen on a different port, this setting may be changed.

Note: Only ASCII-encoded syslog is accepted.

TCP Syslog Port

By default, the LCE server listens for TCP syslog traffic on port 601. If the environment requires the LCE server to listen on a different port, this setting may be changed.

Note: Only ASCII-encoded syslog is accepted.

Encrypted TCP Syslog Listen Port

By default, the LCE server listens for encrypted TCP syslog traffic on port 6514. If the environment requires the LCE server to listen on a different port, this setting may be changed.

Note: Only ASCII-encoded encrypted syslog is accepted.

SNMP Port By default, the LCE server listens for SNMP traffic on port 6514. If the environment requires the LCE server to listen on a different port, this setting may be changed.

Include Networks

Defines the internal network range. All networks specified in the first section are included.

Note: Make sure this range matches IP addresses that are considered internal from an event perspective. This range is used by a number of TASL scripts and the stats daemon to define inbound, outbound, and internal specifications for LCE events. This is different from the Directions filter on the SecurityCenter events page, which uses the managed ranges of the active user to determine event direction.

Exclude Networks

Defines networks that should be excluded from the ranges specified for Include Networks.

Allow only TLSv1.2 Disables all SSL/TLS support prior to TLS 1.2 for all SSL interfaces for PCI DSS compliance.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.