TOC & Recently Viewed

Recently Viewed Topics

Scanning Overview

There are several methods of scanning in Tenable.sc:

  • active scanning via Nessus or Tenable.io.
  • agent scanning via Nessus or Tenable.io.
  • passive scanning via NNM or Industrial Security.

Configuring all methods provides a comprehensive view of the organization’s security posture and reduces false positives. For more information about Tenable scanning strategies, see the Tenable Scan Strategy Guide.

Active Scanning Overview

In active scanning, the scanner sends packets to a remote target to provide a snapshot of network services and applications. These are compared to a plugin database to determine if any vulnerabilities are present. Tenable.sc can also use a scanner located outside the local network to simulate what an external entity might see.

For more information about scanner types (managed Nessus, unmanaged Nessus, and Tenable.io) in Tenable.sc, see Nessus Scanners.

Credentialed Nessus scans, a type of active scanning, can be leveraged to perform highly accurate and rapid patch, configuration, and vulnerability audits on Unix, Windows, Cisco, and database systems by actually logging in to the target system with provided credentials. Credentialed scans can also enable the ability to enumerate all UDP and TCP ports in just a few seconds. Tenable.sc can securely manage these credentials across thousands of different systems and also share the results of these audits only with users who have a need to know.

To fully configure active scanning:

  1. If you are configuring a Nessus scanner (not a Tenable.io deployment), configure scanning in Nessus, as described in the Nessus User Guide.

    Note: For information about credentialed scanning in Nessus, see the Nessus User Guide.

  2. Add a scan zone in Tenable.sc, as described in Add a Scan Zone.
  3. Add the Nessus scanner or your Tenable.io deployment in Tenable.sc, as described in Nessus Scanners.
  4. Add a repository for the scan data in Tenable.sc, as described in Add a Repository.
  5. Create active scan objects in Tenable.sc, as described in:

    1. Add an Asset from a Template or Add a Custom Asset.
    2. Add Credentials.
    3. Add a Template-Based Audit File or Add a Custom Audit File.
    4. Add a Scan Zone.
    5. Add a Scan Policy.
  6. Add an active scan in Tenable.sc, as described in Add an Active Scan.

What to do next:

Agent Scanning Overview

To perform agent scanning, Tenable.sc imports agent scan results from agent-capable Tenable.io or Nessus Manager scanners. Using Nessus agents for scanning reduces network usage and allows devices to maintain their scan schedules even when disconnected from the network. Tenable.sc can import these results for review in conjunction with other acquired information about the host and network.

To fully configure agent scanning:

  1. Configure Nessus Agents in either Tenable.io or Nessus Manager, as described in the Nessus Agent Deployment and User Guide.
  2. Add Tenable.io or Nessus Manager as a Nessus scanner in Tenable.sc, as described in Nessus Scanners.
  3. Add an agent repository in Tenable.sc, as described in Add a Repository.
  4. Add an agent scan in Tenable.sc, as described in Add an Agent Scan.

What to do next:

Passive Scanning Overview

Tenable.sc can manage one or more Tenable Nessus Network Monitor (NNM) instances or Industrial Security instances.

To fully configure passive scanning via NNM:

  1. Configure NNM, as described in the Nessus Network Monitor User Guide.
  2. Add your NNM license to Tenable.sc, as described in Add a License.
  3. Add an IPv4 or IPv6 repository for NNM data in Tenable.sc, as described in Add a Repository.
  4. Add an NNM instance in Tenable.sc, as described in Add a Nessus Network Monitor Instance.

To fully configure passive scanning via Industrial Security:

  1. Add your Industrial Security license to Tenable.sc, as described in Add a License.
  2. Add a designated IPv4 repository for Industrial Security data in Tenable.sc, as described in Add a Repository.
  3. Add an Industrial Security instance in Tenable.sc, as described in Add an Industrial Security Instance.
  4. Select SecurityCenter from the Fetch Plugins From drop-down box in Industrial Security, as described in Feed Settings Section in the Industrial Security User Guide.

What to do next:

  • View vulnerability data filtered by your NNM or Industrial Security repository, as described in Vulnerability Analysis.

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.