TOC & Recently Viewed

Recently Viewed Topics

Get Started With SecurityCenter

Use the following getting started sequence to configure and mature your SecurityCenter deployment.

  1. Prepare
  2. Install
  3. Configure Scans
  4. Refine
  5. Expand

Prepare

Before you begin, learn about SecurityCenter and establish a deployment plan and analysis workflow to guide your configurations.

  • Access Tenable Support and training resources for SecurityCenter, including:
  • Design a deployment plan by identifying your organization's objectives and analyzing your network topology. Consider Tenable-recommended best practices for your environment. For more information about environment requirements, see the General Requirements Guide. For information about scan types, see Scanning Overview.

  • Design an analysis workflow. Identify key stakeholders in your management and operational groups, considering the data you intend to share with each stakeholder.

Install

Install SecurityCenter and perform initial configuration.

  1. Prepare for the installation, as described in Before You Install.
  2. Install SecurityCenter, as described in Install SecurityCenter.
  3. Perform quick setup, as described in Quick Setup.

    Quick setup includes:

    • Uploading licenses
    • Configuring one Nessus scanner
    • Configuring one PVS scanner (requires a PVS activation license)
    • Configuring one LCE server (requires an LCE® activation license)
    • Creating one repository
    • Creating one organization
    • Configuring one LDAP server
    • Creating one administrator user account and one security manager account
    • Configuring usage statistic collection.

    Tenable recommends following the quick setup wizard, but you can configure these features later. For example, do not configure LDAP until you have easy access to all necessary LDAP parameters.

  4. Configure SMTP settings, as described in Mail Settings.
  5. Configure scan zones, as described in Add a Scan Zone.
  6. Configure additional repositories, if necessary, as described in Repositories.
  7. Configure additional scanners, if necessary, as described in Nessus Scanners, Passive Vulnerability Scanner Instances, and Log Correlation Engines.
  8. Configure security settings (e.g., password complexity requirements and custom banners), as described in Security Settings.

Configure Scans

Configure and run basic scans to begin evaluating the effectiveness of your deployment plan and analysis workflow.

  1. Configure credentials, as described in Credentials.
  2. Create static assets, as described in Add a Custom Asset. For more information about asset types, see Assets.
  3. Configure a Host Discovery policy and a Basic Network Scan policy from Tenable-provided scan policy templates, as described in Add a Scan Policy.
  4. Configure and run scans for those policies, as described in Add an Active Scan and Add an Agent Scan.

  5. Confirm that the scans can access all areas of your network with no credential issues.
  6. Configure PVS scanners, as described in Passive Vulnerability Scanner Instances.
  7. When the scans complete, create template-based dashboards and reports, as described in Dashboards and Reports.

Tenable recommends frequently reviewing your scan results and scan coverage. You may need to modify your scan configurations to suit your organization's objectives and reach all areas of your network.

Refine

Configure other features, if necessary, and refine your existing configurations.

Expand

Review and mature your deployment plan and analysis workflow.

  • Conduct weekly meetings to review your organization's responses to identified vulnerabilities.
  • Conduct weekly management meetings to oversee your teams executing the analysis workflow.
  • Review scan automation settings and consider revising.
  • Review your scan results and scan coverage. You may need to modify your scan configurations to suit your organization's objectives and reach all areas of your network.
  • Optimize and operationalize your custom dashboards to meet the needs of individual user account holders.
  • Optimize and operationalize your custom reports to prepare them for distribution.
  • Consider configuring API integrations, as described in the SecurityCenter API Guide and the SecurityCenter API Best Practices Guide.

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.