Policies
Required user role when using Tenable Nessus Manager: Standard, Administrator, or System Administrator
A policy is a set of predefined configuration options related to performing a scan. After you create a policy, you can select it as a template when you create a scan.
Tip: For information about default policy templates and settings, see Scan Templates.
Use the following procedures to manage your policies:

To create a policy:
- In the top navigation bar, click Scans.
  The My Scans page appears.
- In the left navigation bar, click Policies.
  The Policies page appears.
- In the upper-right corner, click the New Policy button.
  The Policy Templates page appears.
- Click the policy template that you want to use.
- Configure the policy's settings.
- Click the Save button.
  Tenable Nessus saves the policy.

To modify a policy:
- In the top navigation bar, click Scans.
  The My Scans page appears.
- In the left navigation bar, click Policies.
- In the policies table, select the check box on the row corresponding to the policy that you want to configure.
  In the upper-right corner, the More button appears.
- Click the More button.
- Click Configure.
  The Configuration page for the policy appears.
- Modify the settings.
- Click the Save button.
  Tenable Nessus saves the settings.

You can export an existing scan policy in Tenable Nessus as a .nessus file and import it into a different Tenable Nessus installation. You can then view and modify the configuration settings for the imported policy.
To export a policy:
- In the top navigation bar, click Scans.
  The My Scans page appears.
- In the left navigation bar, click Policies.
  The Policies page appears.
- In the row of the policy that you want to export, click the export button.
  The policy downloads to your machine as a .nessus file. You can import the policy into a different Tenable Nessus installation, or you can save it for future use.

You can export a Tenable Nessus policy as a .nessus file and import it in a different Tenable Nessus installation. You can then view and modify the configuration settings for the imported policy. You cannot import a Nessus DB file as a policy.
To import a policy:
- In the top navigation bar, click Scans.
  The My Scans page appears.
- In the left navigation bar, click Policies.
  The Policies page appears.
- In the upper-right corner, click Import.
  Your browser's file manager window appears.
- Browse to and select the scan file that you want to import.
  Note: The supported file type is an exported Nessus (.nessus) file.
  Tenable Nessus imports the file as a policy.
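
A .nessus export is an XML file, so you can review what a policy enables before you import it into another installation. The following is an added example, not part of the Tenable documentation or product: it summarizes a policy and lists credential-like preferences that hold a value. The element names assume the NessusClientData_v2 layout, the sample policy is constructed, and `review_policy` and `SENSITIVE` are hypothetical names.

```python
import xml.etree.ElementTree as ET

# Constructed sample policy export. Element names assume the
# NessusClientData_v2 layout; every value is made up for illustration.
SAMPLE = """<NessusClientData_v2><Policy>
  <policyName>Constructed Example Policy</policyName>
  <Preferences>
    <ServerPreferences>
      <preference><name>max_hosts</name><value>30</value></preference>
      <preference><name>safe_checks</name><value>no</value></preference>
    </ServerPreferences>
    <PluginsPreferences>
      <item><fullName>SSH settings[password]:SSH password</fullName>
        <selectedValue>constructed-not-a-real-secret</selectedValue></item>
      <item><fullName>SSH settings[entry]:SSH user name</fullName>
        <selectedValue></selectedValue></item>
    </PluginsPreferences>
  </Preferences>
  <FamilySelection>
    <FamilyItem><FamilyName>Windows</FamilyName><Status>enabled</Status></FamilyItem>
    <FamilyItem><FamilyName>Denial of Service</FamilyName><Status>disabled</Status></FamilyItem>
  </FamilySelection>
</Policy></NessusClientData_v2>"""

# Hypothetical keyword list for spotting credential-like preference names.
SENSITIVE = ("password", "passphrase", "secret", "private key", "community")

def review_policy(xml_text):
    """Summarize a policy export and list credential-like preferences that hold a value."""
    # For files from an untrusted source, parse with defusedxml instead.
    root = ET.fromstring(xml_text)
    if root.tag != "NessusClientData_v2":
        raise ValueError("not a NessusClientData_v2 (.nessus) document")
    policy = root.find("Policy")
    if policy is None:
        raise ValueError("file contains no <Policy> element")
    server = {p.findtext("name"): p.findtext("value", "")
              for p in policy.iterfind("Preferences/ServerPreferences/preference")}
    families = [f.findtext("FamilyName")
                for f in policy.iterfind("FamilySelection/FamilyItem")
                if f.findtext("Status") == "enabled"]
    flagged = [i.findtext("fullName")
               for i in policy.iterfind("Preferences/PluginsPreferences/item")
               if (i.findtext("selectedValue") or "").strip()
               and any(w in (i.findtext("fullName") or "").lower() for w in SENSITIVE)]
    return {"name": policy.findtext("policyName"), "server": server,
            "enabled_families": families, "populated_secret_fields": flagged}

if __name__ == "__main__":
    print(review_policy(SAMPLE))
```

A non-empty `populated_secret_fields` list means the file carries values in credential-like fields and should be stored and transferred accordingly.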

To delete a policy:
- In the top navigation bar, click Scans.
  The My Scans page appears.
- In the left navigation bar, click Policies.
- On the policies table, on the row corresponding to the policy that you want to delete, click the button.
  A dialog box appears, confirming your selection to delete the policy.
- Click the Delete button.
  Tenable Nessus deletes the policy.

Policy Characteristics
- Parameters that control technical aspects of the scan such as timeouts, number of hosts, type of port scanner, and more.
- Credentials for local scans (for example, Windows, SSH), authenticated Oracle database scans, HTTP, FTP, POP, IMAP, or Kerberos-based authentication.
- Granular family or plugin-based scan specifications.
- Database compliance policy checks, report verbosity, service detection scan settings, Unix compliance checks, and more.
- Offline configuration audits for network devices, allowing safe checking of network devices without needing to scan the device directly.
- Windows malware scans which compare the MD5 checksums of files, both known good and malicious files.