Link to Tenable Security Center

During initial installation, you can install Tenable Nessus as a remote scanner linked to Tenable Security Center. If you choose not to link the scanner during initial installation, you can link your Tenable Nessus scanner later.

Note: Once you link Tenable Nessus to Tenable Security Center, it remains linked until you unlink it.

Note: Tenable Security Center does not send plugins to linked Nessus Managers. Nessus Manager pulls plugins directly from Tenable's plugin sites. Therefore, to update plugin sets, Nessus Manager needs access to the internet and Tenable's plugin sites (for more information, see the Which Tenable sites should I allow? community article). If your Nessus Manager does not have internet access, you can manually update its version and plugins offline (for more information, see Manage Nessus Offline).

Before you begin:

  • Configure Tenable Nessus as described in Configure Tenable Nessus.
  • If the Tenable Nessus scanner is or was previously linked to Tenable Vulnerability Management, Tenable Security Center, or Tenable Nessus Manager, you need to unlink the scanner or run the nessuscli fix --reset-all command (for more information, see Fix Commands).

To link Nessus to Tenable Security Center:

  1. On the Welcome to Nessus, select Managed Scanner.

  2. Click Continue.

    The Managed Scanner screen appears.

  3. From the Managed by drop-down box, select

  4. (Optional) To configure advanced settings such as proxy, plugin feed, and encryption password, click Settings.

    • (Optional) In the Proxy tab:
      1. In the Host box, type the hostname or IP address of your proxy server.
      2. In the Port box, type the port number of the proxy server.

        Note: To view the ports that Tenable products require, see the What ports are required for Tenable products? knowledge base article.
      3. In the Username box, type the name of a user account that has permissions to access and use the proxy server.
      4. In the Password box, type the password of the user account that you specified in the previous step.
      5. In the Auth Method drop-down box, select an authentication method to use for the proxy. If you do not know, select AUTO DETECT.
      6. If your proxy requires a preset user agent, in the User-Agent box, type the user agent name; otherwise, leave it blank.
      7. Click Save.
    • (Optional) In the Plugin Feed tab:
      1. In the Custom Host box, type the hostname or IP address of a custom plugin feed.
      2. Click Save.
    • (Optional) In the Encryption Password tab:
      1. In the Password box, type an encryption password.

        If you set an encryption password, Nessus encrypts all policies, scans results, and scan configurations. You must enter the password when Tenable Nessus restarts.

        Caution: If you lose your encryption password, it cannot be recovered by an administrator or Tenable Support.

      2. Click Save.
  5. Click Continue.

    The Create a user account screen appears.

  6. Create a Tenable Nessus administrator user account, which you use to log in to Tenable Nessus:
    1. In the Username box, enter a username.
    2. In the Password box, enter a password for the user account.

      Note: Passwords cannot contain Unicode characters.

  7. Click Submit.

    Tenable Nessus finishes the configuration process, which may take several minutes.

  8. Using the administrator user account you created, Sign In to Tenable Nessus.

What to do next:

  • Add the Tenable Nessus scanner to Tenable Security Center as described in Add a Nessus Scanner in the Tenable Security Center User Guide.