TOC & Recently Viewed

Recently Viewed Topics

Nessus Agent Operational Tier (Tenable.io)

The primary purpose for the Operational Tier (Tenable.io) was to perform agent management and agent scan operations.

Functions Performed

The following processes and uses take place in the Operational Tier (Tenable.io).

  • Deployed agents are linked to Tenable.io.
  • Agents are organized in agent groups. Agents can be assigned to agent groups during the installation process.
  • Agent scans are established to obtain assessment results from agents via agent groups.
  • Agents automatically have plugin and version updates applied by Tenable.io.
  • Customers can “opt-out” of having agent version updates automatically applied.

Considerations

  • Agents were deployed using ACME's internal software distribution processes (in this case, SCCM).
  • Agent groups included no more than 2,000 agents per group (1,000 is recommended). Limiting the number of agents in each agent group ensures that SecurityCenter is able to successfully import scan results. This limitation only applies when SecurityCenter is part of the deployment.
  • Agent scans were restricted to a single agent group each.
  • Agent group membership was established by functional zones (by location, role, etc.) for organizational purposes.
  • ACME monitored for agent deployment issues (failed installations, linking failures, etc.) out of band (logging client, scripts, etc.).
  • Nessus Agents only performed local vulnerability assessments and did not perform network-based assessment (for example, SSL or CGI network based assessments).
  • Network and firewalls were configured to allow Nessus Agents to communicate with https://cloud.tenable.com.

Tier Design

Design assumptions included:

  • ACME will leverage internal processes and tooling to deploy the Nessus Agent software.
  • ACME will establish 50-70 agent groups.
  • ACME will configure 50-70 agent scans.

Copyright 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.