Agent Deployment Workflow

The following document outlines the recommended workflow for deploying Tenable Nessus Agents.

Tip: Click a box to view the relevant task.

Before you begin:

  • If you are using Tenable Nessus Manager to manage Tenable Nessus Agents, you must deploy and configure Tenable Nessus Manager before you deploy Tenable Nessus Agents. For more information, see Install Tenable Nessus in the Tenable Nessus User Guide.
  • If you are using Tenable Vulnerability Management to manage your Tenable Nessus Agents, you do not need to execute a preliminary deployment.

To deploy Tenable Nessus Agents:

  1. On each host, install Tenable Nessus Agents.

    As part of this step, you link the agent to the manager and verify that link. The link must be successful before you continue to the next step.

  2. (Optional) On the manager, create an agent group.
  3. (Optional) Modify the default agent settings.
  4. (Optional) Configure a freeze window.
  5. (Optional) Create agent profiles. For more information, see:
  6. Create a scan targeting the agent group. For more information, see:

    As part of this step, you configure the type of scan you want the agents to perform and the scan window during which agents communicate with the manager.

    The next time an agent in the specified agent group checks in during the scan window, it will download the scan policy from Tenable Nessus Manager or Tenable Vulnerability Management, run the scan, and upload the scan results back to the manager.