ACME Customer Case Study

A customer, ACME, was using a single Tenable Security Center instance that managed 40 scanners to perform network vulnerability assessments of approximately 1,200 stores on a monthly basis.

ACME wished to update their existing operational model to leverage Tenable Nessus Agents to collect assessment results from approximately 70,000 assets. ACME implemented a hybrid approach using the Tenable Vulnerability Management platform to manage agent scanning operations and import agent scan results into Tenable Security Center for unified analytics and reporting of both network and agent assessment results.

The intent of this case study is to highlight key configuration considerations that were implemented when ACME moved forward with deploying Tenable Nessus Agents.

Objectives

The primary goal defined by ACME to measure the success of the Tenable Nessus Agent project was their ability to leverage agents across their store infrastructure to collect in-depth asset data, while reducing the current network latency experienced by traditional remote network scans.

Scanning coverage:

• To implement local host scanning using agents on assets across stores to provide more detailed vulnerability assessment results than the current unauthenticated network active scan to stores from headquarter datacenters.
• To use agent scans to reduce the impact to ACME's network and allow for more frequent scans.

Solution

A Tenable Vulnerability Management and Tenable Security Center hybrid deployment was used in their enterprise environment. Tenable Vulnerability Management was required for agent scan operations, and the existing Tenable Security Center infrastructure was used for advanced analytics and reporting. By leveraging Tenable Vulnerability Management for agent scan operations, ACME could automatically scale for large numbers of agents and assets, without the need for on-prem software and hardware.

ACME leveraged their existing Tenable Security Center infrastructure to achieve their vulnerability management program goals by importing agent scan data from Tenable Vulnerability Management into Tenable Security Center for unified reporting and analytics. This solution split the environment into two tiers, Reporting (Tenable Security Center) and Operational (Tenable Vulnerability Management), so that ACME could optimize reporting experiences for its end users, while not impacting the data acquisition capabilities of the platform.

For more information on the tiered deployment, see:

• Tenable Nessus Agent Operational Tier (Tenable Vulnerability Management)
• Reporting Tier (Tenable Security Center)