You are here: Getting Started > Install > Nessus Agent > Windows

TOC & Recently Viewed

Recently Viewed Topics

Install a Nessus Agent on Windows

Before You Begin

Nessus Agents can be deployed with a standard Windows service such as Active Directory (AD), Systems Management Server (SMS), or other software delivery system for MSI packages.

On Windows 7 x64 Enterprise, Windows 8 Enterprise, and Windows Server 2012, you may be required to perform a reboot to complete installation.

Nessus Agents can be deployed and linked using the command line interface. For example:

msiexec /i NessusAgent-<version number>-Win32.msi NESSUS_GROUPS="Agent Group Name" NESSUS_SERVER="192.168.0.1:8834" NESSUS_KEY=00abcd00000efgh11111i0k222lmopq3333st4455u66v777777w88xy9999zabc00 /qn

The following linking parameters are also available:

  • NESSUS_NAME
  • NESSUS_PROXY_AGENT
  • NESSUS_PROXY_PASSWORD
  • NESSUS_PROXY_SERVER
  • NESSUS_PROXY_USERNAME
  • NESSUS_CA_PATH

Retrieve Agent Linking Key from within Nessus

  1. Log in to Nessus.
  2. Select the button.
  3. On the Scanners / Agents / Linked page, select Agent > Linked and read the on-screen message.
    Agents can be linked to this manager using the provided key with the following setup instructions. Once linked, they must be added to a group for use when configuring scans.

    Also, linked agents will automatically download plugins from the manager upon connection. Please note, this process can take several minutes and is required before an agent will return scan results.

  4. Select the setup instructions link.

    The Agent Setup Instructions window appears.

  5. Record the host, port, and key values. These values will be used during the installation of the Nessus Agent.
  6. Select the Close button.

Download Nessus Agent

From the Nessus Agents Download Page, download the Nessus Agent specific to your operating system.

Start Nessus Agent Installation

  1. Navigate to the folder where you downloaded the Nessus Agent installer.
  2. Next, double-click the file name to start the installation process.

Complete the Windows InstallShield Wizard

  1. First, the Welcome to the InstallShield Wizard for Nessus Agent dialog box will appear. Select Next to continue.
  2. From the License Agreement window, read the terms of the Tenable Network Security Nessus software license and subscription agreement.
  3. Select the I accept the terms of the license agreement radio button, and then select the Next button.
  4. On the Destination Folder screen, select the Next button to accept the default installation folder. Otherwise, select the Change button to install Nessus in a different folder.

    Note: During the next step, you will need the Agent Key values: Key, Server (host), and Groups.

  5. On the Configuration Options screen, enter the Agent Key values: Key, Server (host), and Groups, and then select Next.

    Agent Key Values

    Required Values

    • Key
    • Server (host)

    Optional Value

    • Groups (Existing Agent Group(s) that you want your Agent to be a member of)

      If you do not specify an Agent Group during the install process, you can later add your linked Agent to an Agent Group within the Nessus UI.

    Note: Your Agent Name will be the computer name where the agent is installed.

  6. On the Ready to Install the Program screen, select Install.
  7. If presented with a User Account Control message, select Yes to allow the Nessus Agent to be installed.
  8. When the InstallShield Wizard Complete screen appears, select Finish.

Note: If you attempt to clone an Agent and link it to Nessus Manager, a 409 error may appear. This is because another machine has been linked with the same uuid value in the HKLM/Software/Tenable/TAG file. To resolve this issue, replace the value in the HKLM/Software/Tenable/TAG file with a valid UUIDv4 value.

Verify Linked Agent

  1. In Nessus, select the button .
  2. View the linked agents on the Scanners / Agents / Linked page.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.