TOC & Recently Viewed

Recently Viewed Topics

Quick Setup

The SecurityCenter Quick Setup Guide walks through the following configurations:

After configuring, Review and confirm.

License

SecurityCenter License

Click Choose File to upload the SecurityCenter license file you received from Tenable™. The file should follow the format:

<CompanyName>_SC<IP Count>-<#>-<#>.key

After uploading and clicking the Activate button, the page confirms successful upload and activation of a valid license.

Additional Licenses

Consider adding additional license activation codes:

  • SecurityCenter Activation Code — required before registering any Nessus scanners that will be used by the SecurityCenter. The SecurityCenter Activation Code allows SecurityCenter to download plugins and update Nessus scanner plugins.

    In the Nessus section, type the SecurityCenter Activation Code and click Register.

  • PVS Activation Code — required before using and managing attached NNM scanners.

    In the PVS section, type the PVS Activation Code and click Register.

  • LCE Activation Code — required before downloading LCE Event vulnerability plugins to SecurityCenter. The LCE Activation Code allows SecurityCenter to download event plugins, but it does not manage plugin updates for LCE servers.

    In the LCE section, type the LCE Activation Code and click Register.

Click Next to continue.

A plus (+) sign with a grey background indicates that no license is applied for the product. A red box with an X indicates an invalid activation code. Click on the plus (+) or X to add or reset a license activation code.

A green box with a checkmark indicates a valid license is applied and that SC initiated a plugin download in the background. The download may take several minutes and must complete before initiating any Nessus scans. After the download completes, the Last Updated date and time are updated on the Plugins page.

Nessus Scanner

Configure your first Nessus scanner. For information about the options you can configure, see Nessus Scanners. There are some limitations on the scanner options you can configure during Quick Start:

  • Agent Capable: If you use a Tenable.io™ or Nessus Manager scanner for Nessus Agent scan imports, do not configure that scanner during the Quick Start.
  • Zones: If you want to grant scan zones access to this scanner, you must configure the Zones option after the Quick Start.

PVS

If you added a PVS Activation Code, you can configure your first NNM scanner. For information about the options you can configure, see Nessus Network Monitor (PVS). There are some limitations on the scanner options you can configure during Quick Start:

  • Repositories: If you want to select repositories to store the scanner's data, you must configure the Repositories option after the Quick Start.

LCE

If you added an LCE Activation Code, you can configure your first LCE® scanner. For information about the options you can configure, see Log Correlation Engines. There are some limitations on the scanner options you can configure during Quick Start:

  • Organizations: If you want to select organizations that can access the scanner's data, you must configure the Organizations option after the Quick Start.
  • Repositories: If you want to select repositories to store the scanner's data, you must configure the Repositories option after the Quick Start.

Repository

You can configure your first local IPv4 or IPv6 repository.

Caution: When creating repositories, note that IPv4 and IPv6 addresses must be stored separately. Additional repositories may be created once the initial configuration is complete.

A repository is essentially a database of vulnerability data defined by one or more ranges of IP addresses. When the repository is created, a selection for IPv4 or IPv6 addresses must be made. Only IP addresses of the designated type may be imported to the designated repository. The organization created in steps that follow can take advantage of one or more repositories. During installation, a single local repository is created with the ability to modify its configuration and add others post-install.

Caution: When creating SecurityCenter repositories, LCE event source IP ranges must be included along with the vulnerability IP ranges or the event data will not be accessible from the SecurityCenter UI.

Local repositories are based on the IP addresses specified in the IP Ranges option on this page during the initial setup. Remote repositories use addressing information pulled over the network from a remote SecurityCenter. Remote repositories are useful in multi-SecurityCenter configurations where security installations are separate but reports are shared. Offline repositories also contain addressing information from another SecurityCenter. However, the information is imported to the new installation via a configuration file and not via a direct network connection. This facilitates situations where the remote SecurityCenter is isolated from other networks via an air gap.

For information about the options you can configure, see Local Repositories. There are some limitations on the repositories and repository options you can configure during Quick Start:

  • You cannot configure a local mobile repository during Quick Start.
  • You cannot configure an external repository during Quick Start.
  • Organizations: If you want to select organizations that can access the repository's data, you must configure the Organizations option after the Quick Start.
  • LCE Correlation: If you want to select LCE servers where you want SecurityCenter to retrieve data, you must configure the LCE Correlation option after the Quick Start.

Organization

An organization is a set of distinct users and groups and the resources they have available to them. For information about the options you can configure, see Organizations.

You can configure one organization during initial setup. If you want to use multiple organizations, you must configure other organizations after the Quick Start.

LDAP

Configuring LDAP allows you to use external LDAP servers for the SecurityCenter user account authentication or as LDAP query assets. Type all required LDAP server settings and click Next. Click Skip if you do not want to configure LDAP during initial configuration.

You can configure one LDAP server connection during initial setup. If you want to use multiple LDAP servers, or if you want to configure additional options, you must continue configuring LDAP after the Quick Start.

For information about the options you can configure, see LDAP Servers.

User

You must create one administrator and one security manager during initial setup. For more information, see User Roles.

  • Security manager — a user to manage the organization you just created. After you finish initial setup, the security manager can create other user accounts within the organization.
  • Administrator — a user to manage SecurityCenter. After you finish initial setup, the administrator can create other organizations and user accounts.

If you already configured an LDAP server, you have the option to create an LDAP user account. For more information about TNS or LDAP user account options, see User Accounts.

After creating the security manager user and setting the administrator password, click Next to finish initial setup. The Admin Dashboard page appears, where you can review login configuration data.

Review

The review page displays your currently selected configurations. If you want to make further changes, click on the links in the left navigation bar.

When you are finished, click Confirm.

Copyright 2017-2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.