:

Mobile Credentials

ActiveSync

Option	Default	Description
Domain Controller	--	The domain controller for ActiveSync.
Domain	--	The Windows domain for ActiveSync.
Domain Username	--	The username for the domain administrator's account that Tenable Nessus uses to authenticate to ActiveSync.
Domain Password	--	The password for the domain administrator user.
Scanner	--	Specifies which scanner Tenable Nessus uses when scanning the server. Tenable Nessus can only use one scanner to add data to a mobile repository.
Update Schedule	Every day at 12:30 -04:00	Specifies when Tenable Nessus scans the server to update the mobile repository. On each scan, Tenable Nessus removes the current data in the repository and replaces it with data from the latest scan.

AirWatch

Option	Default Value	Description	Required
AirWatch Environment API URL	–	The Workspace ONE API URL endpoint. (e.g., https://xxx.awmdm.com/api)	yes
Port	443	The TCP port that AirWatch listens on for communications from Tenable.	yes
Username	–	The username for the AirWatch user account Tenable uses to authenticate to Workspace One's API.	yes
Password	–	The password for the AirWatch user.	yes
API Key	–	The API key for the VMware Workspace ONE API.	yes
HTTPS	Enabled	Enable for Tenable Nessus to authenticate over an encrypted (HTTPS) or an unencrypted (HTTP) connection.	no
Verify SSL Certificate	Enabled	Enable for Tenable Nessus to verify if the SSL Certificate on the server is signed by a trusted CA.	no

Apple Profile Manager

Option	Description	Required
Server	The server URL to authenticate with Apple Profile Manager.	yes
Port	Set to use a different port to authenticate with Apple Profile Manager.	no
Username	The username to authenticate.	yes
Password	The password to authenticate.	yes
HTTPS	Set to use HTTPS instead of HTTP.	no
Verify SSL Certificate	Verify whether the SSL Certificate on the server is signed by a trusted CA.	no
Global Credential Settings
Force device updates	Force devices to update with Apple Profile Manager immediately.	no
Device update timeout	Number of minutes to wait for devices to reconnect with Apple Profile Manager	no

Blackberry UEM

Option	Description
Hostname	The server URL to authenticate with Blackberry UEM.
Port	The port to use to authenticate with Blackberry UEM.
Tenant	The SRP ID in Blackberry UEM. Note: To locate the SRP ID in Blackberry UEM: In the Blackberry UEM top navigation bar, click the Help drop-down. Click About Blackberry UEM. An information window containing the SRP ID appears. Copy the SRP ID.
Domain	The domain name for Blackberry UEM.
Username	The username for the account you want Tenable Nessus to use to authenticate to Blackberry UEM.
Password	The password for the account you want Tenable Nessus to use to authenticate to Blackberry UEM.
HTTPS	When enabled, Tenable Nessus uses an encrypted connection to authenticate with Blackberry UEM.
Verify SSL Certificate	When enabled, Tenable Nessus verifies that the SSL Certificate on the server is signed by a trusted CA.

Good MDM

Option	Description	Required
Server	The server URL to authenticate with Good MDM.	yes
Port	Set the port to use to authenticate with Good MDM.	yes
Domain	The domain name for Good MDM.	yes
Username	The username to authenticate.	yes
Password	The password to authenticate.	yes
HTTPS	Set to use HTTPS instead of HTTP.	no
Verify SSL Certificate	Verify whether the SSL Certificate on the server is signed by a trusted CA.	no

Intune

Option	Description
Tenant	The Microsoft Azure Directory (tenant) ID visible in your App registration.
Client	The Microsoft Azure Application (client) ID generated during your App registration.
Secret	The secret key generated when you created your client secret key in Microsoft Azure.
Username	The username for the account you want Tenable Nessus to use to authenticate to Intune.
Password	The password for the account you want Tenable Nessus to use to authenticate to Intune.

MaaS360

Option	Description	Required
Username	The username to authenticate.	yes
Password	The password to authenticate.	yes
Root URL	The server URL to authenticate with MaaS360.	yes
Platform ID	The Platform ID provided for MaaS360.	yes
Billing ID	The Billing ID provided for MaaS360.	yes
App ID	The App ID provided for MaaS360.	yes
App Version	The App Version of MaaS360.	yes
App access key	The App Access Key provided for MaaS360.	yes
Collect All Device Data	When enabled, the scan collects all data types. When disabled, the scan collects one or more types of data to decrease the scan time. When disabled, choose one or more of the following collection options: Collect Device Summary Collect Device Applications Collect Device Compliance Collect Device Policies	no

MobileIron

Option	Description	Required
VSP Admin Portal URL	The server URL Tenable Nessus uses to authenticate to the MobileIron administrator portal.	yes
VSP Admin Portal Port	The port Tenable Nessus uses to authenticate to the MobileIron administrator portal (typically, port 443 or 8443). The system assumes port 443 by default.	no
Port	The port Tenable Nessus uses to authenticate to MobileIron (typically, port 443).	no
Username	The username for the account you want Tenable Nessus to use to authenticate to MobileIron.	yes
Password	The password for the account you want Tenable Nessus to use to authenticate to MobileIron.	yes
HTTPS	When enabled, Tenable Nessus uses an encrypted connection to authenticate to MobileIron.	no
Verify SSL Certificate	When enabled, Tenable Nessus verifies that the SSL Certificate on the server is signed by a trusted CA.	no

Workspace ONE

Option	Default Value	Description	Required
Workspace ONE Environment API URL	–	The Workspace ONE API url endpoint. (e.g., https://xxx.awmdm.com/api)	yes
Port	443	The TCP port that Workspace ONE listens on for communications from Tenable.	yes
Workspace ONE Username	–	The username for the Workspace ONE user account Tenable uses to authenticate to Workspace ONE's API.	yes
Workspace ONE Password	–	The password for the Workspace ONE user.	yes
API Key	–	The API key for the VMware Workspace ONE API.	yes
HTTPS	Enabled	Enable for Tenable Nessus to authenticate over an encrypted (HTTPS) or an unencrypted (HTTP) connection.	no
Verify SSL Certificate	Enabled	Enable for Tenable Nessus to verify if the SSL Certificate on the server is signed by a trusted CA. Tip: If you are using a self-signed certificate, disable this setting.	no
Collect All Device Data	Yes	Collects all device data required for plugin checks.	no
Collect Device Applications	Yes	(Enabled if Collect All Device Data is set to "No") Collects applications installed on mobile devices.	no

Copyright © 2024 Tenable, Inc. All rights reserved. Tenable, Tenable Nessus, Tenable Lumin, Assure, and the Tenable logo are registered trademarks of Tenable, Inc. or its affiliates. All other products or services are trademarks of their respective owners.