Plan Your Tenable Lumin Synchronization

Tenable recommends planning your synchronization strategy to accommodate synchronization limitations and limit data duplication in Tenable Vulnerability Management.

Can I communicate with Tenable Vulnerability Management through a proxy?

To use the proxy configured for your Tenable Security Center instance for communications with your Tenable Vulnerability Management instance, contact Tenable Support.

Can I synchronize multiple Tenable Security Center instances?

Using Tenable Security Center 6.2 and above, you can sync multiple Tenable Security Center consoles to one Tenable One instance.

Note: All repository names must be unique across consoles.

What data does synchronization include?

Tenable Security Center supports synchronizing:

  • IPv4 addresses within dynamic assets and IPv4 addresses within static assets.

    Note: You cannot synchronize IPv6 addresses within static assets. If an asset contains a mix of IPv4 and IPv6 addresses, Tenable Security Center synchronizes only the IPv4 addresses.

    Note: You cannot synchronize non-IPv4 assets within dynamic assets. If a dynamic asset contains other asset types, Tenable Security Center synchronizes only the IPv4 addresses.

    Note: You cannot synchronize DNS name list assets, LDAP query assets, combination assets, watchlist assets, or import assets.

  • Active or agent cumulative database and scan result vulnerability data stored in IPv4 and agent repositories.

    The initial synchronization includes all cumulative database data from the repository. All subsequent synchronizations include only the new or modified scan result data imported to the repository.

    Note: You cannot synchronize passive scan result vulnerability data. Tenable Security Center identifies vulnerability data by plugin family and excludes Tenable Nessus Network Monitor and LCE plugin families from synchronization.

    Caution: To avoid data merge issues in Tenable Vulnerability Management, Tenable recommends enabling Network Support or resolving all repository overlaps before synchronizing data to Tenable Vulnerability Management. You cannot resolve data merge issues after synchronizing a repository with Tenable Vulnerability Management; you must enable Network Support or resolve overlapping repositories in Tenable Security Center before synchronizing a repository for the first time. For more information, see Network Support and Repository Overlap.

Do I need to synchronize both data types (repositories and assets)?

Yes. In order to accurately assess your Cyber Exposure risk with Tenable Lumin, you must synchronize one or more asset lists and one or more repositories containing vulnerability data for those assets.

Should I resolve repository overlaps or enable Network Support?

If you first configured Tenable Lumin synchronization in Tenable Security Center 5.19.x or later, Network Support is enabled by default and cannot be disabled.

If you first configured Tenable Lumin synchronization in Tenable Security Center 5.18.x or earlier and upgraded to Tenable Security Center 5.19.x or later, you can decide to enable Network Support instead of resolving repository overlaps in the Tenable Security Center repositories you synchronize with Tenable Vulnerability Management. Contact your Tenable representative to enable Network Support.

Tip: For the purpose of determining the default setting for Network Support, Tenable Lumin synchronization is configured if you have configured the Tenable.io Connection Settings and selected at least one repository to synchronize.

For more information, see Network Support and Repository Overlap and Tenable Lumin Synchronization Options.

How long does synchronization take to complete?

Vulnerability and asset data synchronize differently to Tenable Vulnerability Management.

Data

Synchronization Method

Timing
Vulnerability data
  • Manual initial synchronization.
  • Automatic subsequent synchronizations when new scan result data imports to your synchronized repositories.

After you initiate a synchronization, Tenable Security Center immediately begins transferring data to Tenable Vulnerability Management. After 10-15 minutes, data begins appearing in Tenable Vulnerability Management.

Newly transferred data does not immediately impact your Tenable Lumin metrics (for example, your CES). Tenable requires up to 48 hours to recalculate your metrics.

All data and recalculated Tenable Lumin metrics appear in Tenable Vulnerability Management within 48 hours.

Recalculated metrics appear in Tenable Security Center after the next daily retrieval.

Asset data (tags in Tenable Vulnerability Management)
  • Manual initial synchronization.
  • On-demand, automatic, or scheduled subsequent synchronizations, depending on your synchronization configuration.

To monitor the success or failure of synchronizations, see View Tenable Lumin Synchronization Status and View Tenable Lumin Data Synchronization Logs.

Which of my synchronized assets count toward my Tenable Vulnerability Management license?

Synchronized assets that count toward your Tenable Security Center license also count toward your Tenable Vulnerability Management license. For more information about Tenable Security Center asset counting, see License Requirements.

Where will I see synchronized data in Tenable Vulnerability Management?

Tip: Viewing vulnerability data is temporarily not possible in Tenable Vulnerability Management. You can view asset and solutions data, but not vulnerability data. For more information, contact your Tenable representative.

You can view your synchronized data in both the Vulnerability Management and Tenable Lumin areas of Tenable Vulnerability Management.

Vulnerability Management

View your synchronized data on the Assets page. For more information, see View Assets in Tenable Vulnerability Management.

Tenable Lumin

View your synchronized data on any Tenable Lumin page. For more information, see Get Started with Tenable Lumin in the Tenable Vulnerability Management User Guide.

Tip: To view limited metrics Tenable Security Center retrieves from Tenable Lumin in Tenable Vulnerability Management, see View Tenable Lumin Metrics.