File and Process Allow List
If you use third-party endpoint security products such as anti-virus applications and host-based intrusion and prevention systems, you should add LCE to the allow list.
The following tables list the LCE Server and LCE Client folders, files, and processes that should be allowed.
LCE Server
| LCE Server |
|---|
| Folders |
| /opt/lce/* |
| /opt/lce/admin/log/* |
| /opt/lce/db/* |
| /tmp/* |
| /tmp/download_surge_domains |
| /tmp/download_surge_files |
| /tmp/user_tracking_day |
| /tmp/sw_tracking_day |
| /tmp/threatlist.tmp |
| /tmp/threaturl.tmp |
| /tmp/usb_tracking_day |
| /etc/logrotate.d/lce |
| /etc/keepalived/keepalived.conf |
| /etc/sysconfig/keepalived |
| /etc/systemd/system/keepalived.service |
| /usr/lib/systemd/system/keepalived.service |
| /var/run/keepalived |
| /usr/lib/firewalld/services/lce-server.xml |
| /etc/init.d/ |
| /var/lock/subsys/ |
| Files |
| /opt/lce/tools/optimize-datastore |
| /opt/lce/tools/cache-filter-pointers |
| /opt/lce/diag |
| /opt/lce/showids |
| /opt/lce/tasl |
| /opt/lce/daemons/lce_client_manager |
| /opt/lce/postgresql/bin/pg_basebackup |
| /opt/lce/postgresql/bin/pg_ctl |
| /opt/lce/postgresql/bin/pg_dump |
| /opt/lce/postgresql/bin/pg_isready |
| /opt/lce/postgresql/bin/pg_restore |
| /opt/lce/postgresql/bin/pg_rewind |
| /opt/lce/postgresql/bin/psql |
| /opt/lce/tools/archival-manager |
| /opt/lce/tools/check_fix-file_accessibility |
| /opt/lce/tools/cfg-utils |
| /opt/lce/tools/fwd-silo-cksum |
| /opt/lce/tools/ha-manager |
| /opt/lce/tools/msmtp |
| /opt/lce/tools/restart-all |
| /opt/lce/tools/send_syslog |
| /opt/lce/tools/start-all |
| /opt/lce/tools/stop-all |
| /opt/lce/tools/user-utils |
| Processes |
| /opt/lce/daemons/lced |
| /opt/lce/daemons/lce_queryd |
| /opt/lce/daemons/lce_report_proxyd |
| /opt/lce/daemons/lce_wwwd |
| /opt/lce/daemons/lce_tasld |
| /opt/lce/daemons/stats |
| /opt/lce/postgresql/bin/postgres |
| /opt/lce/ha/keepalived |
LCE Clients
| Tenable NetFlow Monitor |
|---|
| Folders |
| /opt/netflow_monitor/ |
| /etc/init.d/netflow_monitor |
| Processes |
| tfmd |
| Tenable Network Monitor |
| Folders |
| (Linux only) /opt/network_monitor/ |
| (FreeBSD only) /usr/local/network_monitor |
| /etc/init.d/network_monitor |
| Processes |
| tnmd |
| OPSEC Client |
| Folders |
| /opt/lce_opsec/* |
| /etc/init.d/lce_opsec |
| Files |
| lce_query_opsec |
| Processes |
| lce_opsecd |
| Tenable RDEP Monitor |
| Folders |
| /opt/rdep_monitor/ |
| /etc/init.d/rdep_monitor |
| Processes |
| trm |
| Tenable SDEE Monitor |
| Folders |
| /opt/sdee_monitor/ |
| /etc/init.d/sdee_monitor |
| Processes |
| lce_sdeed |
| Splunk Client |
| Folders |
| /opt/lce_splunk/ |
| /etc/init.d/lce_splunk |
| Processes |
| lce_splunkd |
| LCE Client for Linux |
| Folders |
| (FreeBSD only) /usr/local/lce_client/ |
| /opt/lce_client/ |
| (OSX only) /Library/LaunchDaemons/com.tenable.launchd.lceclient.plist |
| (AIX only) /etc/rc.d/init.d/lce_client |
| (HP-UX only) /sbin/init.d/lce_client |
| /etc/init.d/lce_client |
| Processes |
| lce_clientd |
| LCE Client for Windows |
| Folders |
| C:\Program Data\Tenable\LCEClient |
| C:\Program Files\Tenable\LCEClient |
| Files |
| server_assignment.exe |
| Processes |
| lce_client.exe |
| Web Query Client |
| Folders |
| /opt/lce_webquery/* |
| /etc/init.d/lce_webquery |
| Processes |
| lce_webqueryd |
| WMI Monitor Agent |
| Folders |
| /opt/wmi_monitor/* |
| /etc/init.d/wmi_monitor |
| Files |
| wmi_config_credentials wmic |
| Processes |
| lce_wmid |