Considerations

Although your scan configuration plays an important role in your Tenable Security Center scan time and performance, other variables also affect them. The following table describes each variable that you should consider when trying to improve your scan time and performance:

Variable

Impact on Scan Time

Impact Description

Scan configuration

High

Your scan configuration specifies the depth of your scan. In general, increasing the depth of your scan increases the total scan time. Consider the following when planning your scan depth:

  • What type of port scanning is Tenable Security Center performing?

  • What ports are Tenable Security Center scanning?

  • What vulnerabilities are you scanning for?

  • Are you running credentialed scans?

  • Are you performing malware checks, filesystem checks, or configuration audits?

You can use Tenable-provided templates to perform both targeted and all-encompassing checks. You can create custom policies to customize all possible policy settings.

Scanner resources available

High

The number of IP addresses you can assess simultaneously via a network scan largely depends on two things:

Increasing one or both of these factors is the fastest way to improve your rate of simultaneous assessment and overall scan time. However, large enterprise networks often have infrastructure or technology limitations that prohibit increasing these resources beyond a certain maximum. Your Nessus scanners should meet the hardware requirements whenever possible, but exceeding the minimum requirements lets your scanners assess more targets faster.

Note: You cannot modify some Tenable Vulnerability Management cloud scanner settings.

Type of assessment

Medium

You have various options available for assessing assets in your environment. While the correct scan configuration can vary depending on your environment, you should build the most efficient scan configuration for your organization's assets or environment. For example:

  • Use agents for remote systems that are not local to your scanners

  • Use passive sensors for discovery or for sensitive devices

Number of live hosts

Medium

Scanning a dead host takes less time than scanning a live host. A distribution of IP addresses with a low number of associated hosts takes less time to scan than a distribution of IP addresses with a higher number of hosts.

You can choose to scan an entire range of IPs, or target specific ones, depending on the use case for that particular scan job. For more information, see Targets.

Target configurations

Medium

Scanning a locked-down system with few exposed network services takes less time than scanning a system with a complicated target configuration. For example, a Windows server with a web server, database, and host intrusion prevention software takes more time to scan than a Windows 11 workstation.

Scanner proximity to targets

Medium

Tenable recommends placing your scanners close to your targets, connected with minimum latency (for more information, see the following Tenable blog article). Latency has an additive effect on every packet exchanged between a scanner and its target. The largest impacts tend to be network latency and simultaneous plugin checks.

For example:

  • Scanning through routers, VPNs, load balancers, and firewalls can impact the fidelity of your scan results by blocking ports that should be open or by auto-responding to closed ports.

  • Scanning numerous hosts behind a single piece of network infrastructure can increase the load on your equipment, given the large number of sessions exchanged between scanner and host.

Time of day and week

Low

In many environments, there are periods when infrastructure load is higher. Scheduling assessments outside of these windows can improve scan performance.

Target resources

Low

The resources available to the scan target can impact scan time as well. A public-facing system (a system with load) takes longer to scan than an idle backup system.