Organizations and Groups

An Organization is a set of distinct users and groups and the resources they have available to them. These users are assigned repositories and zones within one or more specified IP networks. Users refers to any non-administrator user account on SecurityCenter. Groups refers to collections of users with the same permissions within an organization.

Organizations

Multiple Organizations can share the same repositories, in which case the vulnerability data associated with the overlapping ranges is shared among those Organizations. Conversely, Organizations can be configured with their own discrete repositories to facilitate situations where data must be kept confidential between different organizational units.

The Organization is managed primarily by the Administrator and Security Manager users. The Administrator is responsible for creation of the Organization, the initial Security Manager creation and assignment, and maintenance. Users within the Organization are created by the Security Manager user or any user with the appropriate permission. User management is performed on a Group level and permissions to resources and objects are shared among the group.

It is important to consider these concepts when working with the built-in roles and creating custom ones as they relate to your organizational structure.

Creation of an organization is a multi-step process. After you create an organization, SecurityCenter prompts you to create the initial Security Manager user.

The following table details the items that can be specified and configured when creating an Organization.

Option Description

General

Name

(Required) The organization name.

Description

A description for the organization.

Contact Information

The relevant contact information for the organization being created including address, city, state, country, and phone number.

Scanning

Distribution Method

Three options are available for choosing a scan zone:

  • Automatic Distribution Only will automatically select the best scan zone(s) available for performing a scan.
  • Locked Zone will only use the selected scan zone as part of the organization’s available Scan Zones for performing scans.
  • Selectable Zones allows users to select from the chosen Scan Zones to perform a scan from. Additionally, automatic distribution may be allowed from the chosen zones so the user does not have to make assumptions as to which zone is free or optimal for their scan.

Available Zones

When selecting Locked or Selectable zones for the distribution method, the list of available zones is displayed for Scan Zone selection. The zones are searchable by name or by scrolling the list of zones.

Restricted Scan Ranges

IP ranges that the organization will not be able to scan.

Analysis

Accessible LCEs

The LCEs that you want this organization to have access to. The LCEs are searchable by name or by scrolling a list of LCEs.

Accessible Repositories

The repositories that you want this organization to have access to. The Repositories are searchable by name or by scrolling a list of Repositories.

Accessible Agent Capable Scanners

The Nessus scanners (with Nessus agents enabled) that you want this organization to have access to. Selecting one or more of the available scanners will add the ability for the Organization to import Nessus Agent results from the selected scanner.

Accessible LDAP Servers

The LDAP servers that you want this organization to have access to. An organization must have access to an LDAP server in order to perform LDAP authentication on user accounts within that organization, and to configure LDAP query assets.

Note: If you revoke access to an LDAP server, users in the organization cannot authenticate and LDAP query assets cannot run.

Custom Analysis Links

A list of custom links shown to users in the host vulnerability details, for cases where they want to analyze data outside of SecurityCenter. Clicking the Add Custom Link option creates a new entry where you type the link name and the URL used to look up additional data external to SecurityCenter.

For example:

http://example.com/index.htm?ip=%ip%

The %ip% reference is a variable that inserts the IP address of the current host into the specified URI.

Vulnerability Weights

Low

The vulnerability weighting to apply to Low criticality vulnerabilities for scoring purposes. (Default: 1)

Medium

The vulnerability weighting to apply to Medium criticality vulnerabilities for scoring purposes. (Default: 3)

High

The vulnerability weighting to apply to High criticality vulnerabilities for scoring purposes. (Default: 10)

Critical

The vulnerability weighting to apply to Critical criticality vulnerabilities for scoring purposes. (Default: 40)
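The %ip% substitution described under Custom Analysis Links can be checked before a link is published to users. The following is an added example, not SecurityCenter code: check_template and expand_link are hypothetical helper names, and percent-encoding the address is an assumption, since the page does not say how the product encodes the value.

```python
import ipaddress
from urllib.parse import quote, urlsplit

PLACEHOLDER = "%ip%"  # variable name documented on this page


def check_template(template):
    """Return a list of problems found in a custom link template."""
    problems = []
    if PLACEHOLDER not in template:
        problems.append("missing %ip% placeholder")
    # Parse with a stand-in address so the placeholder does not confuse urlsplit.
    parts = urlsplit(template.replace(PLACEHOLDER, "192.0.2.1"))
    if parts.scheme not in ("http", "https"):
        problems.append("scheme is not http or https")
    if not parts.hostname:
        problems.append("no host in URL")
    return problems


def expand_link(template, host_ip):
    """Substitute a validated, percent-encoded address for %ip%.

    Assumes the placeholder sits in the path or query, as in the page's example.
    """
    problems = check_template(template)
    if problems:
        raise ValueError("; ".join(problems))
    # ip_address() accepts only a literal IPv4/IPv6 address, so a hostname or a
    # value carrying extra query parameters never reaches the URL.
    addr = ipaddress.ip_address(host_ip.strip())
    return template.replace(PLACEHOLDER, quote(str(addr), safe=""))


if __name__ == "__main__":
    template = "http://example.com/index.htm?ip=%ip%"  # example from the page
    for host in ("192.0.2.10", "2001:db8::1"):  # constructed sample hosts
        print(expand_link(template, host))
```

The IPv6 case shows why encoding matters: the colons in the address are emitted as %3A so the query string stays unambiguous.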

To add an organization:

  1. Log in to SecurityCenter using an Administrator account.
  2. Click Organizations.
  3. Click Add.
  4. Configure the General, Scanning, Analysis, Custom Analysis Links, and Vulnerability Weights options.
  5. Click Submit.

To delete an organization:

Note: Deleting an organization deletes all of the users in that organization.

  1. Log in to SecurityCenter using an Administrator account.
  2. Click Organizations.
  3. Click the gear icon next to the organization you want to delete.
  4. Click Delete.

    The Delete Organization confirmation window appears.

  5. Click Delete.

Groups

User groups are a way to group rights to objects within an organization for quick assignment to one or more users. User access to security data is granted based on the user’s group membership. When a user creates objects such as reports, scan policies, dashboards, and other similar items, those objects are automatically shared among the group's members if the group permissions allow viewing and control.

The following table describes the options to configure a group.

Option Description

General

Name

A name for the group.

Description

An option used to create a description of what the group is used for, such as the security team at the central office, the executives on the east coast, and other desired information.

Viewable IPs

Assigns the IP addresses that are viewable by the group. Select either all defined assets or one or more asset lists.

Repositories

Makes one or more repositories available to the group.

LCEs

Assigns one or more LCEs to the group.

Share to Group

Available Objects

Select from the list of available objects to be shared with the group on creation or edit in a bulk operation.

To add a group:

  1. Log in to SecurityCenter using a Security Manager account.
  2. Click Users > Groups.
  3. Click Add.
  4. Configure the General options.
  5. Configure the Share to Group options.
  6. Click Submit.

To delete a group:

  1. Log in to SecurityCenter using a Security Manager account.
  2. Click Users > Groups.
  3. Click the gear icon next to the group you want to delete.
  4. Click Delete.

    The Delete Group confirmation window appears.

  5. Click Delete.

Copyright 2017 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.  Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc.  All other products or services are trademarks of their respective owners.