Recently Viewed Topics
Active Scan Objects
Complete SecurityCenter scan configurations rely on the following scan objects. For information about active scans, see Active Scans.
|assets||Assets are lists of devices (e.g., laptops, servers, tablets, phones, etc.) within a SecurityCenter organization. Assets can be shared with one or more users based on local security policy requirements.
You can add an asset to group devices that share common attributes. Then, you can use the asset during scan configuration to target the devices in the asset.
For more information, see Assets.
During a configuration audit, auditors verify that servers and devices are configured according to an established standard and maintained with an appropriate procedure. SecurityCenter can perform configuration audits on key assets through the use of Nessus’ local checks that can log directly onto a Unix or Windows server without an agent.
SecurityCenter supports a variety of audit standards. Some of these come from best practice centers like the PCI Security Standards Council and the Center for Internet Security (CIS). Some of these are based on Tenable’s interpretation of audit requirements to comply with specific industry standards such as PCI DSS or legislation such as Sarbanes-Oxley.
In addition to base audits, it is easy to create customized audits for the particular requirements of any organization. These customized audits can be loaded into the SecurityCenter and made available to anyone performing configuration audits within an organization.
NIST SCAP files can be uploaded and used in the same manner as an audit file. Navigate to NIST’s SCAP website () and under the SCAP Content section, download the desired SCAP security checklist zip file. The file may then be uploaded to SecurityCenter and selected for use in Nessus scan jobs.
Once the audit scan policies are configured in SecurityCenter, they can be repeatedly used. SecurityCenter can also perform audits intended for specific assets. Through the use of audit policies and asset lists, a SecurityCenter user can quickly determine the compliance posture for any specified asset.
For more information, see Audit Files.
Credentials are reusable objects that facilitate a login to a scan target. Various types of credentials with different authentication methods can be configured for use within scan policies. Credentials may be shared between users for scanning purposes.
SecurityCenter supports an unlimited number of SSH, Windows, and database credentials, and four SNMP credential sets per scan configuration.
For more information, see Credentials.
Scan policies contain options related to performing an active scan. For example:
For more information, see Scan Policies.
Scan zones represent areas of your network that you want to target in an active scan, associating an IP address or range of IP addresses with one or more scanners in your deployment. Scan zones define the IP ranges associated with the scanner along with organizational access.
For more information, see Scan Zones.