TOC & Recently Viewed

Recently Viewed Topics

Get Started With SecurityCenter

Use the following getting started sequence to configure and mature your SecurityCenter deployment.

  1. Prepare
  2. Install
  3. Configure Scans
  4. Refine
  5. Expand

Prepare

Before you begin, learn about SecurityCenter and establish a deployment plan and analysis workflow to guide your configurations.

  • Access Tenable Support and training resources for SecurityCenter, including:
  • Design a deployment plan by identifying your organization's objectives and analyzing your network topology. Consider Tenable-recommended best practices for your environment. For more information about environment requirements, see the General Requirements Guide. For information about scan types, see Scanning Overview.

  • Design an analysis workflow. Identify key stakeholders in your management and operational groups, considering the data you intend to share with each stakeholder.

Install

Install SecurityCenter and perform initial configuration.

  1. Prepare for the installation, as described in Before You Install.
  2. Install SecurityCenter, as described in Install SecurityCenter.
  3. Perform quick setup, as described in Quick Setup.

    Quick setup includes:

    • Uploading licenses
    • Configuring one Nessus scanner
    • Configuring one NNM scanner (requires a NNM activation license)
    • Configuring one LCE server (requires an LCEĀ® activation license)
    • Creating one repository
    • Creating one organization
    • Configuring one LDAP server
    • Creating one administrator user account and one security manager account
    • Configuring usage statistic collection.

    Tenable recommends following the quick setup wizard, but you can configure these features later. For example, do not configure LDAP until you have easy access to all necessary LDAP parameters.

  4. Configure SMTP settings, as described in Mail Settings.
  5. Configure scan zones, as described in Add a Scan Zone.
  6. Configure additional repositories, if necessary, as described in Repositories.
  7. Configure additional scanners, if necessary, as described in Nessus Scanners, Nessus Network Monitor (PVS), and Log Correlation Engines.
  8. Configure security settings (e.g., password complexity requirements and custom banners), as described in Security Settings.

Configure Scans

Configure and run basic scans to begin evaluating the effectiveness of your deployment plan and analysis workflow.

  1. Configure credentials, as described in Credentials.
  2. Create static assets, as described in Add a Custom Asset. For more information about asset types, see Assets.
  3. Configure a Host Discovery policy and a Basic Network Scan policy from Tenable-provided scan policy templates, as described in Add a Scan Policy.
  4. Configure and run scans for those policies, as described in Add an Active Scan and Add an Agent Scan.

  5. Confirm that the scans can access all areas of your network with no credential issues.
  6. Configure NNM scanners, as described in Nessus Network Monitor (PVS).
  7. When the scans complete, create template-based dashboards and reports, as described in Dashboards and Reports.

Tenable recommends frequently reviewing your scan results and scan coverage. You may need to modify your scan configurations to suit your organization's objectives and reach all areas of your network.

Refine

Configure other features, if necessary, and refine your existing configurations.

  • Configure audit files, as described in Audit Files.
  • Create additional scan policies, as described in Add a Scan Policy.
  • Configure scan blackout windows, as described in Add a Blackout Window.
  • Configure groups, as described in Add a Group.
  • Create a custom user role, as described in Create a User Role.
  • Create additional user accounts and share objects with users, as described in Add a User.
  • Create dynamic assets and combination assets, as described in Add a Custom Asset. For more information about asset types, see Assets.
  • Review the plugin update schedule, as described in Edit Plugin and Feed Schedules. Consider editing the schedules to suit your needs. For example, you may want to schedule plugin and feed updates to run a few hours before your scheduled scans.
  • Add queries and use filters, as described in Add a Query and Apply a Filter.
  • Create custom dashboards and reports, as described in Reports.
  • Create Assurance Report Cards (ARCs), as described in Assurance Report Cards.
  • Configure alerts, ticketing, accept risk rules, and recast risk rules, as described in Workflow Actions.
  • View vulnerability data and use the built-in analysis tools, as described in Vulnerability Analysis.

Expand

Review and mature your deployment plan and analysis workflow.

  • Conduct weekly meetings to review your organization's responses to identified vulnerabilities.
  • Conduct weekly management meetings to oversee your teams executing the analysis workflow.
  • Review scan automation settings and consider revising.
  • Review your scan results and scan coverage. You may need to modify your scan configurations to suit your organization's objectives and reach all areas of your network.
  • Optimize and operationalize your custom dashboards to meet the needs of individual user account holders.
  • Optimize and operationalize your custom reports to prepare them for distribution.
  • Consider configuring API integrations, as described in the SecurityCenter API Guide and the SecurityCenter API Best Practices Guide.

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.