TOC & Recently Viewed

Recently Viewed Topics

Organizations

Multiple organizations can share the same repositories, and the vulnerability data associated with the overlapping ranges is shared between each organization. Conversely, organizations can be configured with their own discrete repositories to facilitate situations where data must be kept confidential between different organizational units.

The organization is managed primarily by the administrator users and security manager users. The administrator user creates the organization and creates, assigns, and maintains the security manager user account. The security manager user (or any organizational user with appropriate permissions) creates other users within the organization. Groups allow you to manage users and share permissions to resources and objects among the group.

It is important to consider these concepts when working with the built-in roles and creating custom ones as they relate to your organizational structure.

Creation of an organization is a multi-step process. After you create an organization, SecurityCenter prompts you to create the initial security manager user.

The following table describes the items that you can specify and configure when creating an organization.

Option Description

General

Name

(Required) The organization name.

Description

A description for the organization.

Contact Information

The relevant contact information for the organization including address, city, state, country, and phone number.

Scanning

Distribution Method

There are three options to select for choosing a scan zone:

  • Automatic Distribution Only automatically selects the best scan zone or zones available for performing a scan.
  • Locked Zone only uses the selected scan zone as part of the organization’s available scan zones for performing scans.
  • Selectable Zones allows users to select from the chosen scan zones to perform a scan from. Additionally, automatic distribution may be allowed from the chosen zones so the user does not have to make assumptions as to which zone is free or optimal for their scan.

Available Zones

If you select Locked Zone or Selectable Zone for the distribution method, the list of available zones appears. You can search for the zones by name or scroll through the list.

Restricted Scan Ranges IP ranges that the organization cannot scan.

Analysis

Accessible LCEs

The LCEs that you want this organization to have access to. You can search for the LCEs by name or scroll through the list.

Accessible Repositories

The repositories that you want this organization to have access to. You can search for the repositories by name or scroll through the list.

Accessible Agent Capable Scanners

The Nessus scanners (with Nessus Agents enabled) that you want this organization to have access to. Select one or more of the available scanners to allow the organization to import Nessus Agent results from the selected scanner.

Accessible LDAP Servers

The LDAP servers that you want this organization to have access to. An organization must have access to an LDAP server in order to perform LDAP authentication on user accounts within that organization, and to configure LDAP query assets.

Note: If you revoke access to an LDAP server, users in the organization cannot authenticate and LDAP query assets cannot run.

Custom Analysis Links

A list of custom analysis links provided to users within the host vulnerability details when analyzing data outside of SecurityCenter is desired. Click Add Custom Link to create a new option to type the link name and URL to look up additional data external to SecurityCenter.

For example: http://example.com/index.htm?ip=%ip%

The %ip% reference is a variable that inserts the IP address of the current host into the specified URI.

Vulnerability Weights

Low

The vulnerability weighting to apply to Low criticality vulnerabilities for scoring purposes. (Default: 1)

Medium

The vulnerability weighting to apply to Medium criticality vulnerabilities for scoring purposes. (Default: 3)

High

The vulnerability weighting to apply to High criticality vulnerabilities for scoring purposes. (Default: 10)

Critical

The vulnerability weighting to apply to Critical criticality vulnerabilities for scoring purposes.(Default: 40)

For more information, see Add an Organization and Delete an Organization.

Copyright 2017-2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.