TOC & Recently Viewed

Recently Viewed Topics

External Repositories

Remote Repositories

If you want to connect your SecurityCenter with another SecurityCenter, configure the secondary SecurityCenter as a remote repository. Remote repositories allow multiple SecurityCenters to share repository data via a SSH session.

Option Description

General

Name

The repository name.

Description

Descriptive text for the repository.

Remote SecurityCenter

Host

Host to synchronize with to obtain the repository data. After entering the IP address of the remote SecurityCenter, click the Request Repositories link to type an admin username and password for the SecurityCenter to exchange the SSH keys. Once completed, a list of available repositories is populated.

Repository

Remote repository to collect IP address(es) and vulnerability data from. This is a list of the available repository names available on the remote SecurityCenter.

Schedule

Sets the schedule for the remote server to be queried for updated information.

Access

Organizations

Defines Organizations that have access to the vulnerability data within the repository. Within the “Organizations” section, select or deselect the box next to the Organization name to grant or deny that Organization access to the repository information. When initially selecting the Organization, a prompt appears to either grant or deny access to all the Groups within the Organization. If granted, all Groups are given access to the repository information. If denied, Groups within the Organization must explicitly be given access on a per Group basis.

Offline Repositories

Offline repositories are similar to remote repositories with the exception that data is synchronized manually using an archive file (.tar.gz) and not via network transmission. The table below describes configurable options for an offline repository:

Option Description

General

Name

The repository name

Description

Descriptive text for the repository

Access

Organizations

Defines Organizations that have access to the vulnerability data within the repository. Within the “Organizations” section, select or deselect the box next to the Organization name to grant or deny that Organization access to the repository information. When initially selecting the Organization, a prompt appears to either grant or deny access to all the Groups within the Organization. If granted, all Groups are given access to the repository information. If denied, Groups within the Organization must explicitly be given access on a per Group basis.

Advanced Settings

Generate Trend Data

Note: If trending is not selected, any query that uses comparisons between repository snapshots (e.g., trending line charts) is unavailable.

This option allows for a periodic snapshot of the .nessus data for vulnerability trending purposes. This option is useful in cases where tracking data changes is important. In situations where repository datasets do not change frequently – negating the need for trending – disable this option to minimize disk space usage.

Days Trending

Sets the number of days for the trending data to track.

Enable Full Text Search

Determines if the trending data presented is indexed for a full text search.

To initiate offline repository synchronization, first click on the Export link from the gear icon drop-down menu to download the repository archive from an existing repository.

Depending on browser choice, the browser presents the option to open or save the Nessus or Compressed Tar file. It is recommended that the file be saved at this time.

Tip: Depending on the size of the repository database, this file can be quite large. It is important to save the file to a location with sufficient free disk space.

Tip: When importing the repository archive, the default maximum file import size is 360MB. This is specified by the post_max_size directive in /opt/sc/support/etc/php.ini. If larger file uploads are required, increase the default value.

To load the repository archive to the offline repository, copy it to a location where the offline repository is accessible via the SecurityCenter GUI, open the Repositories page, highlight the offline repository, and click Upload from the gear icon drop-down menu.

On the Upload page, add a name and description for the repository. Next to Repository Data, click Choose File and select the file to add to the previously exported repository.

Copyright 2017 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.  Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc.  All other products or services are trademarks of their respective owners.