Although your scan configuration plays an important role in your Tenable Security Center scan time and performance, other variables can affect the scan time and performance. The following table describes each variable that you should consider when trying to improve your scan time and performance:


Impact on Scan Time

Impact Description

Scan configuration


Your scan configuration specifies the depth of your scan. In general, increasing the depth of your scan increases the total scan time. Consider the following when planning your scan depth:

  • What type of port scanning is Tenable Security Center performing?

  • What ports are Tenable Security Center scanning?

  • What vulnerabilities are you scanning for?

  • Are you running credentialed scans?

  • Are you performing malware checks, filesystem checks, or configuration audits?

You can use Tenable-provided templates to perform both targeted and all-encompassing checks. You can create custom policies to customize all possible policy settings.

Scanner resources available


The number of IP addresses you can assess simultaneously via a network scan largely depends on two things:

Increasing one or both of these factors is the fastest way to improve your rate of simultaneous assessment and overall scan time. However, large enterprise networks often have infrastructure or technology limitations that prohibit increasing these resources beyond a certain maximum. Your Nessus scanners should meet the hardware requirements whenever possible, but exceeding the minimum requirements lets your scanners assess more targets faster.

Note: You cannot modify some Tenable Vulnerability Management cloud scanner settings.

Type of assessment


You have various options available for assessing assets in your environment. While the correct scan configuration can vary depending on your environment, you should build the most efficient scan configuration for your organization's assets or environment. For example:

  • Use agents for remote systems that are not local to your scanners

  • Use passive sensors for discovery or sensitive devices

Number of live hosts


Scanning a dead host takes less time than scanning a live host. A distribution of IP addresses with a low number of associated hosts takes less time to scan than a distribution of IP addresses with a higher number of hosts.

You can choose to scan an entire range of IPs, or target specific ones, depending on the use case for that particular scan job. For more information, see Targets.

Target configurations


Scanning a locked-down system with few exposed network services takes less time than complicated target configurations. For example, a Windows server with a web server, database, and host intrusion prevention software takes more time to scan than a Windows 11 workstation.

Scanner proximity to targets


Tenable recommends placing your scanners close to your targets, connected with minimum latency (for more information, see the following Tenable blog article). Latency has an additive effect on every packet exchanged between a scanner and its target. The largest impacts tend to be network latency and simultaneous plugin checks.

For example:

  • Scanning through routers, VPNs, load balancers, and firewalls can impact the fidelity of your scan results by blocking ports that should be open or by auto-responding to closed ports.

  • Scanning numerous hosts behind a single piece of network infrastructure can increase the load on your equipment, given the large number of sessions exchanged between scanner and host.

Time of day and week


In many environments, there are periods of time where infrastructure load is higher. Scheduling assessments outside of these windows can improve scan performance.

Target resources


The resources available to the scan target can impact scan time as well. A public-facing system (a system with load) takes longer to scan than an idle backup system.