Initech Customer Case Study

A customer, Initech, was using a tiered Tenable Security Center deployment across a large federated environment consisting of 30+ sub-organizations, 40,000 users, 60,000 devices, and 150,000+ active IPs. They performed weekly network vulnerability assessments with over 75 scanners at sites located around the United States.

Initech had a reporting requirement to perform more frequent assessments of their systems and to be able to remotely gather data from user laptops when they were off-site. Initech deployed over 50,000 Tenable Nessus Agents to accomplish this task, using a hybrid model with both Tenable Nessus Manager and Tenable Vulnerability Management, feeding data back into Tenable Security Center for analytics and reporting.

The intent of this case study is to highlight key configuration considerations that were implemented when Initech moved forward with deploying Tenable Nessus Agents.

Objectives

The primary goals defined by Initech to measure the success of the Tenable Nessus Agent project were to gather data more frequently, assess remote systems, and reduce the burden posed by managing credentials across a large disparate enterprise.

Solution

A Tenable Nessus Manager and Tenable Vulnerability Management hybrid deployment was used for agents in their enterprise environment. Tenable Vulnerability Management was required for user workstation Tenable Nessus Agent scan operations, and Tenable Nessus Manager was used for servers and other permanent on-premise infrastructure.

• Initech used the scaling ability, uptime guarantee, and cloud flexibility of Tenable Vulnerability Management to meet the dynamic requirements of a constantly changing workstation environment.
• Initech used Tenable Nessus Manager, an on-premise solution, to provide more user control over the scan data for more sensitive systems, such as server infrastructure.

Initech leveraged their existing Tenable Security Center infrastructure to achieve their vulnerability management program goals by importing agent scan data from Tenable Nessus Manager and Tenable Vulnerability Management into Tenable Security Center for unified reporting and analytics.

For more information on the tiered deployment, see:

• Agent Deployment (Tenable Nessus Manager and Tenable Vulnerability Management)
• Reporting and Network Scanning (Tenable Security Center)