License Requirements

Tenable Security Center does not support an unlicensed demo mode. License keys are required for Tenable Security Center and for all attached Tenable products. You first configure your Tenable Security Center license and additional Tenable product licenses during quick start, as described in Quick Setup.

You can update your Tenable Security Center license in an externally connected or air-gapped environment, as described in Update an Existing License.

Tenable Security Center requires an internet connection to validate additional Tenable product licenses. To apply a license for an additional Tenable product, see Apply a New License. To update a license for an additional Tenable product, see Update an Existing License.

Tip: For information about Tenable Security Center-Tenable product registration server communications encryption, see Encryption Strength.

Your Tenable Security Center License

Tenable Security Center licenses are valid for a specific hostname and for a maximum number of active assets (identified by IP address or UUID). Assets are counted towards your license limit depending on how Tenable Security Center discovers, or sees, the asset. In general, an asset does not count against your license limit unless it has been assessed for vulnerabilities.

For example, if you purchase a 500 asset Tenable Security Center license, you can perform host discovery on your network but you cannot assess more than 500 assets. For more information about discovery and assessment scanning, see Scanning Overview.

Tenable Security Center generates a warning in the web interface when you approach or exceed the license limit. To monitor your license limit, use the Licensing Status widget, as described in Overview Dashboard. To upgrade your license, contact your Tenable representative.

Counted Toward License

Not Counted Toward License

  • IP addresses from active scans

  • IP addresses from Tenable Log Correlation Engine instances

  • IP addresses from Tenable Nessus Network Monitor instances not in discovery mode

  • UUIDs from OT Security instances

  • IP addresses in offline repositories that you downloaded using the same Tenable Security Center instance or license

A single IP address or UUID counts once toward your license, even if it was scanned by multiple methods or stored in multiple repositories.

Note: If you use an alternative port scanner, Tenable Security Center counts the detected IP addresses against your license.

  • IP addresses present only from imports to offline repositories

  • IP addresses present only from Tenable Nessus Network Monitor instances in discovery mode

  • IP addresses in offline repositories that you downloaded using the same Tenable Security Center instance with a different license

  • IP addresses in offline repositories that you downloaded using a different Tenable Security Center instance and license

  • The following excluded plugins:

    Tenable Nessus — 10180, 10287, 10335, 11219, 11933, 11936, 12053, 14272, 14274, 19506, 22964, 33812, 33813, 34220, 34277, 45590, 54615, 87413, 112154, 161455, and 179042.

    Tenable Nessus Network Monitor — 0, 12, 18, 19, 20, 113, and 132.

    LCE — 800000 through 800099.

Your Tenable Security Center+ Product Licenses

Tip: Tenable rebranded Tenable Security Center Continuous View as Tenable Security Center+.

If you want to use Tenable Security Center with other Tenable products, you must add their activation codes to Tenable Security Center. For more information, see Apply a New License.

Your Tenable Lumin License

If you want to view and analyze your data in Tenable Vulnerability Management using Tenable Lumin, you must acquire a Tenable Lumin license for use with your Tenable Security Center deployment.

Tip: Synchronized assets that count toward your Tenable Security Center license also count toward your Tenable Vulnerability Management license.

For more information, contact your Tenable representative.

Your Tenable Web App Scanning License

If you want to use a Tenable Nessus scanner to perform web app scans in Tenable Security Center, you must acquire a Tenable Web App Scanning license for use with your Tenable Security Center deployment. For more information about web app scans in Tenable Security Center, see Web App Scans.

With a Tenable Web App Scanning for Tenable Security Center license, you can scan up to the number of licensed fully qualified domain names (FQDN) you have purchased.

For more information about Tenable Web App Scanning licenses or to purchase additional FQDNs, contact your Tenable representative.

Note: Web app scans are not supported for offline and air-gapped Tenable Security Center deployments.

Note: If you already have a Tenable Web App Scanning license and you upgrade to Tenable Security Center version 6.2.x, you must update your Tenable Web App Scanning license to enable web app scans in Tenable Security Center. After you enable Tenable Web App Scanning in Tenable Security Center, you will have to update Tenable Web App Scanning plugins manually in the UI, or wait for the nightly scheduled plugin update to run.