The following are some common questions that you should answer prior to deploying Nessus Agents:
What operating system do you plan to deploy the Nessus Agent on?
- Linux (Debian/RHEL/Fedora/Ubuntu)
- Windows (Win 7/8/10, Win Server 2008/2012/2016 R2)
- OS X (10.8+)
- How many Nessus Agents do you plan to deploy?
Note: In deployment scenarios with more than 10,000 agents you should consider optimizing performance with agent group sizing and scan staggering as discussed in Large Scale Deployments.
- Fewer than 1,000
- More than 1,000 and fewer than 5,000
- More than 5,000 and fewer than 10,000
- More than 10,000
- What are the typical hardware specifications of the hosts where you want to install Nessus Agents? For example, consider disk space, disk type and speed, CPU, cores, and RAM.
- Are there any countermeasures that exist on the host that would prevent the egress communications from the Nessus Agent to the Nessus Manager (DST: TCP/8834 [default, customizable])?
- Are there any countermeasures that exist on the host that would prevent the agent process from executing?
- How do you plan to deploy Nessus Agents across the enterprise? For example, do you want to use an enterprise deployment technology such as Active Directory, SMS, Microsoft SCCM, and/or Red Hat Satellite?
- Do you want to deploy Nessus Agents to virtual or non-persistent systems? If so, consider adding the agent to your base device template. Tenable recommends that you review your organization's process for commissioning and decommissioning virtual/non-persistent hosts in order to properly ensure successful activation or deactivation of the Nessus Agents.
- How do you plan to track the ratio of potentially deployable agent assets to actual assets with deployed agents?
- How do you plan to track the health and status of the agent on the host? For example, you might want to monitor for condition x (where x is the status of the service or the registration status of the agent); if that condition is present, you might then trigger an action or notification.
- What naming schema would best fit the infrastructure where deployed agents exist? It is important to plan how you would like to organize the breakdown of hosts running agents.
- Do you plan to supplement agent-based scanning with traditional network scans? How will you maintain vulnerability information across agent and network scans? How will you manage multiple repositories?