ACME Customer Case Study
A customer, ACME, was using a single Tenable Tenable.sc instance that managed 40 scanners to perform network vulnerability assessments of approximately 1,200 stores on a monthly basis.
ACME wished to update their existing operational model to leverage Nessus Agents to collect assessment results from approximately 70,000 assets. ACME implemented a hybrid approach using the Tenable.io platform to manage agent scanning operations and import agent scan results into Tenable.sc for unified analytics and reporting of both network and agent assessment results.
The intent of this case study is to highlight key configuration considerations that were implemented when ACME moved forward with deploying Nessus Agents.
The primary goal defined by ACME to measure the success of the Tenable Nessus Agent project was their ability to leverage Nessus Agents across their store infrastructure to collect in-depth asset data, while reducing the current network latency experienced by traditional remote network scans.
- To implement local host scanning using agents on assets across stores to provide more detailed vulnerability assessment results than the current unauthenticated network active scan to stores from headquarter datacenters.
- To utilize agent scans to reduce the impact to ACME's network and allow for more frequent scans.
A Tenable.io and Tenable.sc hybrid deployment was used in their enterprise environment. Tenable.io was required for Nessus Agents scan operations, and the existing Tenable.sc infrastructure was used for advanced analytics and reporting. By leveraging Tenable.io for agent scan operations, ACME could automatically scale for large numbers of Nessus Agents and assets, without the need for on-prem software and hardware.
ACME leveraged their existing Tenable.sc infrastructure to achieve their vulnerability management program goals by importing agent scan data from Tenable.io into Tenable.sc for unified reporting and analytics. This solution split the environment into two tiers, Reporting (Tenable.sc) and Operational (Tenable.io), so that ACME could optimize reporting experiences for its end users, while not impacting the data acquisition capabilities of the platform.
The hybrid deployment is illustrated here:
For more information on the tiered deployment, see: