FAQ

The ease or difficulty of each scanning method depends on your environment and your organizational needs.
Consider the following questions:
- Is it possible to install a Tenable Nessus scanner and possibly a Tenable Nessus Network Monitor in every network segment?
- Would it be easier to install fewer Tenable Nessus Managers (for example, one or three) and allow the agents to report back across network hops and firewalls?
- Are all your systems online, connected, and reporting back full results during your scan windows?
- Are all sleeping systems configured correctly, and do they respond appropriately to Wake-on-LAN?
- Do you spend time trying to keep track of or obtain the current credentials for many systems?
- Does your network include laptops that work remotely, which you cannot credential-scan through a VPN or when they are not connected directly to the organization network?

Most plugins work with Tenable Nessus Agents. The exceptions include:
- Plugins that work based on remotely disclosed information or that detect activity performed through remote connectivity, such as logging into a DB server, trying default credentials (brute force), or traffic-related enumeration.
- Plugins related to network checks.

There are also cases where the intent of two checks overlaps. For example, if you use OS fingerprinting without credentials in a network-based scan and also query the system for the exact version of its OS in a credentialed scan, the credentialed finding is ranked above the network finding, since the network version tends to be a best guess.

Agents send the following data to Tenable Vulnerability Management/Tenable Nessus Manager:
- Version information (agent version, host architecture)
- Versions of installed Tenable plugins
- OS information (for example, Microsoft Windows Server 2019 Enterprise Service Pack 1)
- Tenable asset IDs (for example, /etc/tenable_tag on Unix, HKEY_LOCAL_MACHINE\SOFTWARE\Tenable\TAG on Windows)
- Network interface information (network interface names, MAC addresses, IPv4 and IPv6 addresses, hostnames and DNS information if available)
- Hostname if update_hostname is set to yes (see Advanced Settings for more information)
- AWS EC2 instance metadata, if available:
  - privateIp
  - accountId
  - imageId
  - region
  - instanceType
  - availabilityZone
  - architecture
  - instanceId
  - local-hostname
  - public-hostname
  - public-ipv4
  - mac
  - iam/security-credentials/
  - public-keys/0/openssh-key
  - security-groups