Agent Deployment Workflow

Before you begin:

  • If you are using Nessus Manager to manage Nessus Agents, you must deploy and configure Nessus Manager before you deploy Nessus Agents.
  • If you are using Tenable.io to manage your Nessus Agents, no preliminary deployment is required.
Caution: When manually updating an agent, you must update to a newer version than your current version. If you want to downgrade to a previous version, you must first delete the destination folder where Nessus Agent was installed, then install the new package. Downgrading directly to a previous version is not supported.

To deploy Nessus Agents

  1. On each host, install Nessus Agents.

    As part of this step, you link the agent to the manager and verify that link. The link must be successful before you continue to the next step.

  2. On the manager, create an agent group.
  3. (Optional) Configure a blackout window.
  4. (Optional) Modify the default agent settings.
  5. Create a scan targeting the agent group. For more information, see:

    As part of this step, you configure the type of scan you want the agents to perform and the scan window during which agents communicate with the manager.

    Note: The next time an agent in the specified agent group checks in during the scan window, it will download the scan policy from Nessus Manageror Tenable.io, run the scan, and upload the scan results back to the manager.