Initech Customer Case Study
A customer, Initech, was using a tiered Tenable Tenable.sc deployment across a large federated environment consisting of 30+ sub-organizations, 40,000 users, 60,000 devices, and 150,000+ active IPs. They performed weekly network vulnerability assessments with over 75 scanners at sites located around the United States.
Initech had a reporting requirement to perform more frequent assessments of their systems and to be able to remotely gather data from user laptops when they were off-site. Initech deployed over 50,000 Nessus Agents to accomplish this task, using a hybrid model with both Nessus Managerand Tenable.io, feeding data back into Tenable.sc for analytics and reporting.
The intent of this case study is to highlight key configuration considerations that were implemented when Initech moved forward with deploying Nessus Agents.
The primary goals defined by Initech to measure the success of the Tenable Nessus Agent project were to gather data more frequently, assess remote systems, and reduce the burden posed by managing credentials across a large disparate enterprise.
A Nessus Manager and Tenable.io hybrid deployment was used for Nessus Agents in their enterprise environment. Tenable.io was required for user workstation Nessus Agent scan operations, and Nessus Manager was used for servers and other permanent on-premise infrastructure.
- Initech used the scaling ability, uptime guarantee, and cloud flexibility of Tenable.io to meet the dynamic requirements of a constantly changing workstation environment.
- Initech used Nessus Manager, an on-premise solution, to provide more user control over the scan data for more sensitive systems, such as server infrastructure.
Initech leveraged their existing Tenable.sc infrastructure to achieve their vulnerability management program goals by importing agent scan data from Nessus Manager and Tenable.io into Tenable.sc for unified reporting and analytics.
The hybrid deployment is illustrated in the following diagram:
For more information on the tiered deployment, see: