Link to Tenable Vulnerability Management

During initial installation, you can install Tenable Nessus as a remote scanner linked to Tenable Vulnerability Management. If you choose not to link the scanner during initial installation, you can link your Tenable Nessus scanner later. Once you link Tenable Nessus to Tenable Vulnerability Management, it remains linked until you unlink it.

Note: If you use domain allow lists for firewalls, Tenable recommends adding *.cloud.tenable.com (with the wildcard character) to the allow list. This ensures communication with sensor.cloud.tenable.com, which the scanner uses to communicate with Tenable Vulnerability Management.

Note: If you are connecting to Tenable Vulnerability Management through Tenable Nessus scanners, Tenable Nessus Agents, Tenable Web App Scanning scanners, or Tenable Nessus Network Monitors (NNM) located in mainland China, you must connect through sensor.cloud.tenablecloud.cn instead of sensor.cloud.tenable.com.

Before you begin:

  • Configure Tenable Nessus as described in Configure Tenable Nessus.
  • If the Tenable Nessus scanner is or was previously linked to Tenable Vulnerability Management, Tenable Security Center, or Tenable Nessus Manager, you need to unlink the scanner or run the nessuscli fix --reset-all command (for more information, see Fix Commands).

To link Tenable Nessus to Tenable Vulnerability Management from the Tenable Nessus user interface:

  1. On the Welcome to Nessus screen, select Link Nessus to another Tenable product.

  2. Click Continue.

    The Managed Scanner screen appears.

  3. From the Managed by drop-down box, select Tenable.io.

  4. In the Linking Key box, type the linking key of your Tenable Vulnerability Management instance.
  5. Click Continue.

    The Create a user account screen appears.

  6. Create a Tenable Nessus administrator user account that you use to log in to Tenable Nessus:
    1. In the Username box, enter a username.
    2. In the Password box, enter a password for the user account.

      Note: Passwords cannot contain Unicode characters.

  7. Click Submit.

    Tenable Nessus finishes the configuration process, which may take several minutes.

  8. Using the administrator user account you created, Sign In to Tenable Nessus.

To link Tenable Nessus to Tenable Vulnerability Management from the command line interface (CLI):

If you registered or linked Tenable Nessus previously, you need to reset Tenable Nessus before linking to Tenable Vulnerability Management.

Run the following commands to reset Tenable Nessus and link to Tenable Vulnerability Management based on your operating system. To retrieve the linking key needed in the following commands, see Link a Sensor in the Tenable Vulnerability Management User Guide.

Note: The --reset-all command used in the following steps removes any existing users, data, settings, and configurations. Tenable recommends exporting scan data and creating a backup before resetting. For more information, see Backing Up Tenable Nessus.
Note: When running the adduser command in the following steps, create the user as a full administrator/system administrator when prompted.