Mobile Credentials
Tenable Nessus Manager can leverage credentials for patch management systems to perform patch auditing on systems for which credentials may not be available.
Note: Patch management integration is not available on Tenable Nessus Essentials, Tenable Nessus Professional, Tenable Nessus Expert, or managed Tenable Nessus scanners.
ActiveSync
| Option |
Default |
Description |
| Domain Controller |
-- |
The domain controller for ActiveSync.
|
| Domain
|
-- |
The Windows domain for ActiveSync.
|
| Domain Username
|
-- |
The username for the domain administrator's account that Tenable Nessus uses to authenticate to ActiveSync.
|
| Domain Password
|
-- |
The password for the domain administrator user.
|
| Scanner |
-- |
Specifies which scanner Tenable Nessus uses when scanning the server. Tenable Nessus can only use one scanner to add data to a mobile repository. |
| Update Schedule
|
Every day at 12:30 -04:00 |
Specifies when Tenable Nessus scans the server to update the mobile repository. On each scan, Tenable Nessus removes the current data in the repository and replaces it with data from the latest scan. |
AirWatch
Tip: To view whether your AirWatch credentials were successfully authenticated, view the plugin output of the integration_status.nasl plugin once the scan is complete. For more information, see Plugins.
| Option |
Default Value |
Description |
Required |
|
AirWatch Environment API URL
|
– |
The Workspace ONE API URL endpoint. (e.g., https://xxx.awmdm.com/api)
|
yes |
|
Port
|
443 |
The TCP port that AirWatch listens on for communications from Tenable.
|
yes |
|
Username
|
– |
The username for the AirWatch user account Tenable uses to authenticate to Workspace One's API.
|
yes |
|
Password
|
– |
The password for the AirWatch user.
|
yes |
|
API Key
|
– |
The API key for the VMware Workspace ONE API.
|
yes |
|
HTTPS
|
Enabled |
Enable for Tenable Nessus to authenticate over an encrypted (HTTPS) or an unencrypted (HTTP) connection.
|
no |
|
Verify SSL Certificate
|
Enabled |
Enable for Tenable Nessus to verify if the SSL Certificate on the server is signed by a trusted CA.
|
no |
Blackberry UEM
Tip: To view whether your Blackberry UEM credentials were successfully authenticated, view the plugin output of the integration_status.nasl plugin once the scan is complete. For more information, see Plugins.
| Option |
Description |
| Hostname |
The server URL to authenticate with Blackberry UEM. |
| Port |
The port to use to authenticate with Blackberry UEM. |
| Tenant |
The SRP ID in Blackberry UEM.
Note: To locate the SRP ID in Blackberry UEM:
- In the Blackberry UEM top navigation bar, click the Help drop-down.
-
Click About Blackberry UEM.
An information window containing the SRP ID appears.
- Copy the SRP ID.
|
| Domain |
The domain name for Blackberry UEM. |
| Username |
The username for the account you want Tenable Nessus to use to authenticate to Blackberry UEM. |
| Password |
The password for the account you want Tenable Nessus to use to authenticate to Blackberry UEM. |
| HTTPS |
When enabled, Tenable Nessus uses an encrypted connection to authenticate with Blackberry UEM. |
| Verify SSL Certificate |
When enabled, Tenable Nessus verifies that the SSL Certificate on the server is signed by a trusted CA. |
Intune
Tip: To view whether your Intune credentials were successfully authenticated, view the plugin output of the integration_status.nasl plugin once the scan is complete. For more information, see Plugins.
| Option |
Description |
| Tenant |
The Microsoft Azure Directory (tenant) ID visible in your App registration. |
| Client |
The Microsoft Azure Application (client) ID generated during your App registration. |
| Secret |
The secret key generated when you created your client secret key in Microsoft Azure. |
| Username |
The username for the account you want Tenable Nessus to use to authenticate to Intune. |
| Password |
The password for the account you want Tenable Nessus to use to authenticate to Intune. |
MaaS360
Tip: To view whether your MaaS360 credentials were successfully authenticated, view the plugin output of the integration_status.nasl plugin once the scan is complete. For more information, see Plugins.
| Option |
Description |
Required |
|
Username
|
The username to authenticate.
|
yes |
|
Password
|
The password to authenticate.
|
yes |
|
Root URL
|
The server URL to authenticate with MaaS360.
|
yes |
|
Platform ID
|
The Platform ID provided for MaaS360.
|
yes |
|
Billing ID
|
The Billing ID provided for MaaS360.
|
yes |
|
App ID
|
The App ID provided for MaaS360.
|
yes |
|
App Version
|
The App Version of MaaS360.
|
yes |
|
App access key
|
The App Access Key provided for MaaS360.
|
yes |
| Collect All Device Data |
When enabled, the scan collects all data types.
When disabled, the scan collects one or more types of data to decrease the scan time. When disabled, choose one or more of the following collection options:
|
no |
MobileIron
Tip: To view whether your MobileIron credentials were successfully authenticated, view the plugin output of the integration_status.nasl plugin once the scan is complete. For more information, see Plugins.
| Option |
Description |
Required |
|
VSP Admin Portal URL
|
The server URL Tenable Nessus uses to authenticate to the MobileIron administrator portal.
|
yes |
| VSP Admin Portal Port |
The port Tenable Nessus uses to authenticate to the MobileIron administrator portal (typically, port 443 or 8443). The system assumes port 443 by default. |
no |
|
Port
|
The port Tenable Nessus uses to authenticate to MobileIron (typically, port 443).
|
no |
|
Username
|
The username for the account you want Tenable Nessus to use to authenticate to MobileIron.
|
yes |
|
Password
|
The password for the account you want Tenable Nessus to use to authenticate to MobileIron.
|
yes |
|
HTTPS
|
When enabled, Tenable Nessus uses an encrypted connection to authenticate to MobileIron.
|
no |
|
Verify SSL Certificate
|
When enabled, Tenable Nessus verifies that the SSL Certificate on the server is signed by a trusted CA.
|
no |
Workspace ONE
Tip: To view whether your Workspace ONE credentials were successfully authenticated, view the plugin output of the integration_status.nasl plugin once the scan is complete. For more information, see Plugins.
| Option |
Default Value |
Description |
Required |
|
Workspace ONE Environment API URL
|
– |
The Workspace ONE API url endpoint. (e.g., https://xxx.awmdm.com/api)
|
yes |
|
Port
|
443 |
The TCP port that Workspace ONE listens on for communications from Tenable.
|
yes |
|
Workspace ONE Username
|
– |
The username for the Workspace ONE user account Tenable uses to authenticate to Workspace ONE's API.
|
yes |
|
Workspace ONE Password
|
– |
The password for the Workspace ONE user.
|
yes |
|
API Key
|
– |
The API key for the VMware Workspace ONE API.
|
yes |
|
HTTPS
|
Enabled |
Enable for Tenable Nessus to authenticate over an encrypted (HTTPS) or an unencrypted (HTTP) connection.
|
no |
|
Verify SSL Certificate
|
Enabled |
Enable for Tenable Nessus to verify if the SSL Certificate on the server is signed by a trusted CA.
Tip: If you are using a self-signed certificate, disable this setting.
|
no |
|
Collect All Device Data
|
Yes |
Collects all device data required for plugin checks.
|
no |
|
Collect Device Applications
|
Yes |
(Enabled if Collect All Device Data is set to "No") Collects applications installed on mobile devices.
|
no |