Tenable Nessus Plugin and Software Updates
The following topic describes how Tenable Nessus receives plugin and software updates based on configuration and license type. Tenable Nessus plugins and software updates differently depending on how it is configured during the initial setup.
| Tenable Nessus Configuration | Plugin Updates | Software Updates |
|---|---|---|
|
Tenable Nessus standalone installation |
By default, standalone Tenable Nessus is configured to receive plugins from plugins.nessus.org automatically on a daily interval. You can also trigger a manual update by navigating to the Settings > About page and clicking |
By default, Tenable Nessus receives software updates from downloads.nessus.org automatically. If the following criteria is met, there is a banner at the top of the Tenable Nessus user interface when an update is available:
To configure automatic updates, see Update Tenable Nessus Software. |
|
Tenable Nessus offline installation |
For offline devices, you need to install plugins manually. For more information, see Update Plugins Offline. | For offline devices, you need to upgrade the Tenable Nessus software manually with the upgrade method dependent on the operating system that Tenable Nessus is installed on. For more information, see Update Nessus Manager Manually on an Offline System. |
|
Tenable Nessus managed by Tenable Security Center |
Tenable Nessus receives plugins from Tenable Security Center. Tenable Security Center checks in with Tenable Nessus every 15 minutes to see if the Tenable Nessus plugin set matches the Tenable Security Center set. If it does not match, then Tenable Security Center provides a new set of plugins. | Tenable Nessus scanners managed by Tenable Security Center do not update their software automatically. The only exception to this is if Tenable Nessus is installed on Tenable Core and automatic updates are enabled. |
|
Tenable Nessus linked to Tenable Vulnerability Management |
Devices linked to Tenable Vulnerability Management receive plugins from cloud.tenable.com. |
Tenable Nessus linked to Tenable Vulnerability Management receives software updates from cloud.tenable.com automatically. Tenable Nessus checks in to Tenable Vulnerability Management once every 24 hours for core software updates by default. |
|
Tenable Nessus Agents managed by Tenable Nessus Manager |
Tenable Nessus Agents receive plugins from their Tenable Nessus Manager. Once deployed, agents download a full plugin set from their Tenable Nessus Manager instance. Once the agent downloads a full plugin set, it downloads differential plugin sets from its manager moving forward, unless the set becomes more than 5 days out of date. |
Tenable Nessus Agents receive software updates from their Tenable Nessus Manager. Agents check in for core software updates every 24 hours, dependent on when the agent was deployed. If the agent is offline at its usual update time, such as if the agent host is off, it checks for software updates when it comes back online, and that becomes the agent's new update time. |
|
Tenable Nessus Agents managed by Tenable Vulnerability Management |
Tenable Nessus Agents receive plugins from Tenable Vulnerability Management. Once deployed, agents download a differential plugin set at scan time. Only the plugins needed for the scan are downloaded. If a scan policy requires all plugins, the agent performs a full plugin update instead. |
Tenable Nessus Agents receive software updates from Tenable Vulnerability Management. Agents check in for core software updates every 24 hours, dependent on when the agent was deployed. If the agent is offline at its usual update time, such as if the agent host is off, it checks for software updates when it comes back online, and that becomes the agent's new update time. |
next to the Last Updated section. You can check the current installed plugin set in the same section.