Patch Management

Nessus Manager can leverage credentials for the Red Hat Network Satellite, IBM BigFix, Dell KACE 1000, WSUS, and SCCM patch management systems to perform patch auditing on systems for which credentials may not be available to the Nessus scanner.

Options for these patch management systems can be found under Credentials in their respective drop-down boxes: Symantec Altiris, IBM BigFix, Red Hat Satellite Server, Microsoft SCCM, Dell KACE K1000, and Microsoft WSUS.

IT administrators are expected to manage the patch monitoring software and install any agents required by the patch management system on their systems.

Scanning with Multiple Patch Managers

If you provide multiple sets of credentials to Nessus for patch management tools, Nessus uses all of them. Available credentials are:

  • Credentials supplied to directly authenticate to the target
  • Dell KACE 1000
  • IBM BigFix
  • Microsoft System Center Configuration Manager (SCCM)
  • Microsoft Windows Server Update Services (WSUS)
  • Red Hat Network Satellite Server
  • Symantec Altiris

If you provide credentials for a host, as well as one or more patch management systems, Nessus compares the findings between all methods and report on conflicts or provide a satisfied finding. Use the Patch Management Windows Auditing Conflicts plugins to highlight patch data differences between the host and a patch management system.