Nessus Agent 10.0.0 Release Notes - 2021-11-17

New Features

The following are the new features included in Nessus Agent 10.0.0:

  • Web Proxy Auto Detection for Windows - Agents installed on Windows-based hosts may now use WPAD for web proxy, enabling Agents to adopt new configurations as the host connects to different networks.

  • Reduced Agent Footprint - Agents now leverage an updated plugin compilation mechanism that creates a smaller footprint when installed on a host.

  • Support for Tenable.io feature coming in late Q4 2021: Regular Agent Information Updates in Tenable.io - Agents will be able to update Tenable.io with their host asset information whenever a change is detected, regardless of their last scan completion, and provide a more up-to-date understanding of asset configurations.

  • Support for Tenable.io feature coming in late Q4 2021: Rule-based Agent Scanning in Tenable.io - Agent scans will be able to be configured using scan triggers, providing an alternative scanning model to the traditional scan window. Rule-based scan policies will be able to include multiple triggers. Agents will be able to initiate scans based on the triggers listed below. Rule-based scanning will be available for all Tenable.io Agents, including Tenable.sc cloud Agents managed through Tenable.io.

    • Time Interval - Initiate Agent scans based on a user-defined time interval, regardless of the Agent's connectivity to Tenable.io, and upload the results the next time the Agent successfully connects.

      • Provides coverage for assets that may not be continuously connected to Tenable.io, returning the latest vulnerability results upon Agent check-in.

      • Enables better coverage for ephemeral assets, as Agents will check their policy on startup or boot. If the interval has ended, Agent will run a scan and upload the results to Tenable.io.

    • Filename - Initiate Agent scans by placing an empty file, with a user-specified filename, into an assigned directory.

      • Enables integration with other tools.

      • Enables local admins to easily start a scan upon updating or patching a host system.

    • Ad-Hoc Local - Initiate Agent scans locally via the Nessus CLI.

      • Enables local admins to easily start a scan upon updating or patching a host system.

      • Enabled by default for all rule-based scan policies.

Changed Functionality and Performance Enhancements

The following are changed functionality and performance enhancements included in Nessus Agent 10.0.0:

  • Operating System support for:

    • Fedora 35

    • Windows Server 2022

    • Windows 11

    • MacOS 12

    • Ubuntu 18.04 ARM

For more information about the features and functionality supported in this release, see the Nessus Agent user guide.

Bug Fixes

Bug Fix Defect ID
Resolved an issue where certain Windows AWS instances would not populate AWS metadata in Tenable.io. n/a

Upgrade Notes

  • Nessus Agents upgraded via Nessus Manager will not upgrade to 8.2.0 and later unless Nessus Manager is already updated to 8.12.0 or later.

  • New Tenable.io Domain - As a part of continuous security and scalability improvements to Tenable infrastructure, we have added a new sensor.cloud.tenable.com domain that Tenable.io-linked agents communicate with.

    • Starting with Agent 8.1.0, Tenable.io-linked agents communicate with Tenable.io using sensor.cloud.tenable.com. In case agents are not able to connect to the new domain, they fall back to using cloud.tenable.com. Agents with earlier versions will continue to use the cloud.tenable.com domain.

    • Recommended Action: If you use domain allow lists for firewalls, Tenable recommends adding *.cloud.tenable.com (with the wildcard character) to the allow list. This ensures communication with sensor.cloud.tenable.com and all future subdomains, reducing operational overhead. Please contact your network administrator for assistance with making necessary changes to your allow list.
  • You can upgrade to the latest version of Nessus Agent from any previously supported version.
  • If your upgrade path skips versions of the Agent, Tenable recommends reviewing the release notes for all skipped versions to learn about new features and bug fixes.