Recently Viewed Topics
Install a Nessus Agent on Windows
Caution: If you install a Nessus Agent, Manager, or Scanner on a system with an existing Nessus Agent, Manager, or Scanner running
nessusd, the installation process will kill all other
nessusd processes. You may lose scan data as a result.
Before You Begin
Nessus Agents can be deployed with a standard Windows service such as Active Directory (AD), Systems Management Server (SMS), or other software delivery system for MSI packages.
On Windows 7 x64 Enterprise, Windows 8 Enterprise, and Windows Server 2012, you may be required to perform a reboot to complete installation.
Nessus Agents can be deployed and linked using the command line. For example:
msiexec /i NessusAgent-<version number>-x64.msi NESSUS_GROUPS="Agent Group Name" NESSUS_SERVER="192.168.0.1:8834" NESSUS_KEY=00abcd00000efgh11111i0k222lmopq3333st4455u66v777777w88xy9999zabc00 /qn
Note: The NESSUS_GROUPS parameter accepts group names. Quotations are necessary only when listing multiple groups, or one group with spaces in its name. See the following examples:
- "Group Name"
- "Group, Another Group"
Retrieve Agent Linking Key from within Nessus
- Log in to Nessus.
- Select the button.
On the Scanners / Agents / Linked page, select Agent > Linked and read the on-screen message.
Agents can be linked to this manager using the provided key with the following setup instructions. Once linked, they must be added to a group for use when configuring scans.
Also, linked agents will automatically download plugins from the manager upon connection. Please note, this process can take several minutes and is required before an agent will return scan results.
Select the setup instructions link.
The Agent Setup Instructions window appears.
- Record the host, port, and key values. These values will be used during the installation of the Nessus Agent.
- Select the Close button.
Download Nessus Agent
From the Nessus Agents Download Page, download the Nessus Agent specific to your operating system.
Windows Server 7, and 8 (32-bit)
Start Nessus Agent Installation
- Navigate to the folder where you downloaded the Nessus Agent installer.
- Next, double-click the file name to start the installation process.
Complete the Windows InstallShield Wizard
- First, the Welcome to the InstallShield Wizard for Nessus Agent dialog box will appear. Select Next to continue.
- From the License Agreement window, read the terms of the Tenable, Inc. Nessus software license and subscription agreement.
- Select the I accept the terms of the license agreement radio button, and then select the Next button.
On the Destination Folder screen, select the Next button to accept the default installation folder. Otherwise, select the Change button to install Nessus in a different folder.
Note: During the next step, you will need the Agent Key values: Key, Server (host), and Groups.
On the Configuration Options screen, enter the Agent Key values: Key, Server (host), and Groups, and then select Next.
Agent Key Values
- Server (host)
Groups (Existing Agent Group(s) that you want your Agent to be a member of)
If you do not specify an Agent Group during the install process, you can later add your linked Agent to an Agent Group within the Nessus UI.
Note: Your Agent Name will be the computer name where the agent is installed.
- On the Ready to Install the Program screen, select Install.
- If presented with a User Account Control message, select Yes to allow the Nessus Agent to be installed.
- When the InstallShield Wizard Complete screen appears, select Finish.
Note: If you attempt to clone an Agent and link it to Nessus Manager, a 409 error may appear. This is because another machine has been linked with the same uuid value in the
HKLM/Software/Tenable/TAG file. To resolve this issue, replace the value in the
HKLM/Software/Tenable/TAG file with a valid UUIDv4 value.
Verify Linked Agent
- In Nessus, select the button .
View the linked agents on the Scanners / Agents / Linked page.