Tenable.sc Architecture

Physical Architecture

At a high level, a Tenable.sc deployment has two parts:

  • A central Tenable.sc console to manage scans, reports, user access, and other application tools.

  • One or more scanners to collect data and report results to the Tenable.sc console.

Logical Architecture

Tenable.sc is divided into organizations. Each organization has access to one or more repositories that store scan data. For example, users in Organization 1 can only see repositories that are assigned to Organization 1, however, a repository can be assigned to more than one organization.

The highest-level user in an organization is the Security Manager. For more information about user permissions, see User Roles.

Very broadly, the logical layout / architecture of Tenable.sc looks like this:

Many environments have just one organization. The following are some common use cases for multiple organizations:

  • Environments where there are multiple departments or entities in a business that are logically independent, but that are all governed by the same structure.

  • Acquisitions – there may be a reason to keep the acquiring company and acquired company separate.