Reporting and Traditional Network Scanning (Tenable Security Center)

The primary purpose of the reporting tier was to allow for centralized analytics and reporting of data collected from the Tenable Nessus Agents and existing traditional network scans. Dashboards, analytics, reports, and Assurance Report Cards are leveraged on this tier.

Functions performed

The following processes and uses take place in Tenable Security Center.

  • Tenable Nessus Manager and Tenable Vulnerability Management were added to Tenable Security Center as an “agent capable” scanners.
  • Agent scans in Tenable Security Center were configured to retrieve agent scan results from Tenable Nessus Manager and Tenable Vulnerability Management.
  • Agent data was placed in new repositories according to existing data models.
  • Analytics, dashboards, reports, and Assurance Report Cards in Tenable Security Center were leveraged for all assessment types (Agent and Network Scanning).

Considerations

  • Tenable Security Center required additional data repositories to support the agent results. Tenable recommended that Initech establish multiple new repositories in Tenable Security Center for agent results, because combining agent and network assessment results in the same repository can cause reporting challenges.
  • Initech needed to perform a full analysis on their current Tenable Security Center hardware configuration to determine if additional CPU/RAM/HD was required for the additional data resulting from importing agent scan results.
  • Initech needed to evaluate their existing traditional scan structures/policies to ensure limited data overlap once agent assessments were implemented and data imported into Tenable Security Center.

Tier design

Design assumptions included:

  • Initech will establish multiple repositories to store agent scan results.
  • Initech will establish 60-100 agent jobs to retrieve agent scan results from Tenable Vulnerability Management and Tenable Nessus Manager.
  • Initech will evaluate current infrastructure to determine if additional CPU/RAM/HDD is required.
  • Initech will evaluate existing scan structures/policies to limit data overlap.