Mobile Repositories
The mobile repository is a local type that stores data from various servers. For more information, see Add a Repository.
General Options
Configure the following options for all mobile repository types.
| Option | Description | Default |
|---|---|---|
|
Name |
The repository name. |
-- |
|
Description |
(Optional) A description for the repository. |
-- |
|
Type |
The type of repository you want to configure. Your Type selection determines the type-specific options you must configure: |
-- |
|
Organizations |
Specifies which organizations have access to the vulnerability data stored in the repository. If groups are configured for the organization, Tenable Security Center prompts you to grant or deny access to all of the groups in the organization. For more granular control, grant access within the settings for that group. |
-- |
ActiveSync Options
The following table describes the additional options to configure when creating an ActiveSync mobile repository.
| Option | Description | Default |
|---|---|---|
| Domain Controller |
The domain controller for ActiveSync. |
-- |
| Domain |
The Windows domain for ActiveSync. |
-- |
| Domain Username |
The username for the domain administrator's account that Tenable Security Center uses to authenticate to ActiveSync. |
-- |
| Domain Password |
The password for the domain administrator user. |
-- |
| Scanner |
Specifies which Tenable Nessus scanner Tenable Security Center uses when scanning the server. Tenable Security Center can only use one Tenable Nessus scanner to add data to a mobile repository. |
-- |
| Update Schedule |
Specifies when Tenable Security Center scans the server to update the mobile repository. On each scan, Tenable Security Center removes the current data in the repository and replaces it with data from the latest scan. |
Every day at 12:30 -04:00 |
AirWatch MDM Options
The following table describes the additional options to configure when creating an AirWatch MDM mobile repository.
| Option | Description | Default |
|---|---|---|
| AirWatch Environment API URL |
The AirWatch API url endpoint. (For example, https://xxx.awmdm.com/api) |
-- |
| Port |
The TCP port that AirWatch listens on for communications from Tenable. |
443 |
| Username |
The username for the AirWatch user account Tenable uses to authenticate to Workspace ONE's API. |
-- |
| Password |
The password for the AirWatch user. |
-- |
| API Key |
The API key for the AirWatch API. |
-- |
| HTTPS |
When enabled, Tenable connects using secure communication (HTTPS). When disabled, Tenable connects using standard HTTP. |
Enabled |
| Verify SSL Certificate |
When enabled, Tenable verifies that the SSL certificate on the server is signed by a trusted CA. Tip: If you are using a self-signed certificate, disable this setting. |
Enabled |
|
Scanner |
Specifies which Tenable Nessus scanner Tenable Security Center uses when scanning the server. Tenable Security Center can only use one Tenable Nessus scanner to add data to a mobile repository. |
-- |
|
Update Schedule |
Specifies when Tenable Security Center scans the server to update the mobile repository. On each scan, Tenable Security Center removes the current data in the repository and replaces it with data from the latest scan. |
Every day at 12:30 -04:00 |
Apple Profile Manager Options
The following table describes the additional options to configure when creating an Apple Profile Manager mobile repository.
| Option | Description | Default |
|---|---|---|
| Server | The server URL Tenable Security Center uses to authenticate with Apple Profile Manager. | -- |
| Port |
The TCP port that Apple Profile Manager listens on for communications from Tenable Security Center. |
443 |
| Username |
(Optional) The username for the Apple Profile Manager user account Tenable Security Center uses to authenticate to Apple Profile Manager. |
-- |
| Password | (Optional) The password for the Apple Profile Manager user. | -- |
| HTTPS |
When enabled, Tenable connects using secure communication (HTTPS). When disabled, Tenable connects using standard HTTP. |
Enabled |
| Verify SSL Certificate |
When enabled, Tenable verifies that the SSL certificate on the server is signed by a trusted CA. Tip: If you are using a self-signed certificate, disable this setting. |
Enabled |
|
Scanner |
Specifies which Tenable Nessus scanner Tenable Security Center uses when scanning the server. Tenable Security Center can only use one Tenable Nessus scanner to add data to a mobile repository. |
-- |
|
Update Schedule |
Specifies when Tenable Security Center scans the server to update the mobile repository. On each scan, Tenable Security Center removes the current data in the repository and replaces it with data from the latest scan. |
Every day at 12:30 -04:00 |
Blackberry UEM Options
The following table describes the additional options to configure when creating a Blackberry UEM mobile repository.
| Option | Description | Default |
|---|---|---|
| Hostname | The hostname for the Blackberry UEM server. | -- |
| Port | The port you want Tenable Security Center to use for authenticating to the Blackberry UEM server. | -- |
| Tenant | The SRP ID value in Blackberry UEM. | -- |
| Domain | (Optional) The domain name value in Blackberry UEM. | -- |
| Username |
The username for the Blackberry UEM user account Tenable Security Center uses to authenticate to Blackberry UEM. |
-- |
| Password | The password for the Blackberry UEM user. | -- |
| SSL |
When enabled, Tenable Security Center uses an encrypted connection to authenticate with Blackberry UEM. |
Disabled |
| Verify SSL Certificate |
When enabled, Tenable verifies that the SSL certificate on the server is signed by a trusted CA. Tip: If you are using a self-signed certificate, disable this setting. |
Disabled |
| Scanner |
Specifies which Tenable Nessus scanner Tenable Security Center uses when scanning the server. Tenable Security Center can only use one Tenable Nessus scanner to add data to a mobile repository. |
-- |
| Update Schedule | Specifies when Tenable Security Center scans the server to update the mobile repository. On each scan, Tenable Security Center removes the current data in the repository and replaces it with data from the latest scan. | Every day at 12:30 -04:00 |
Good MDM Options
The following table describes the additional options to configure when creating a Good MDM mobile repository.
| Option | Description | Default |
|---|---|---|
| Server | The server URL Tenable Security Center uses to authenticate with Good MDM. | -- |
| Port |
The TCP port that Good MDM listens on for communications from Tenable Security Center. |
-- |
| Domain | The domain name for Good MDM. | -- |
| Username |
The username for the Good MDM user account Tenable Security Center uses to authenticate to Good MDM. |
-- |
| Password | The password for the Good MDM user. | -- |
| HTTPS |
When enabled, Tenable connects using secure communication (HTTPS). When disabled, Tenable connects using standard HTTP. |
Enabled |
| Verify SSL Certificate |
When enabled, Tenable verifies that the SSL certificate on the server is signed by a trusted CA. Tip: If you are using a self-signed certificate, disable this setting. |
Enabled |
|
Scanner |
Specifies which Tenable Nessus scanner Tenable Security Center uses when scanning the server. Tenable Security Center can only use one Tenable Nessus scanner to add data to a mobile repository. |
-- |
|
Update Schedule |
Specifies when Tenable Security Center scans the server to update the mobile repository. On each scan, Tenable Security Center removes the current data in the repository and replaces it with data from the latest scan. |
Every day at 12:30 -04:00 |
MaaS360 Options
The following table describes the additional options to configure when creating a MaaS360 mobile repository.
| Option | Description | Default |
|---|---|---|
| Username |
The username for the MaaS360 user account Tenable Security Center uses to authenticate to MaaS360. |
-- |
| Password | The password for the MaaS360 user. | -- |
| Root URL |
The URL Tenable Security Center uses to authenticate to MaaS360. |
-- |
| Platform ID | The ID for the device platform. | -- |
| Billing ID | The billing ID for the MaaS360 account. | -- |
| App ID | The ID for the MaaS360 application. | -- |
| App Version | The MaaS360 application version. | -- |
| App Access Key | The access key for the MaaS360 application. | -- |
| Collect All Device Data |
When enabled, a mobile repository scan collects all data. When disabled, you can select which types of data a mobile repository scan collects:
|
Enabled |
|
Scanner |
Specifies which Tenable Nessus scanner Tenable Security Center uses when scanning the server. Tenable Security Center can only use one Tenable Nessus scanner to add data to a mobile repository. |
-- |
|
Update Schedule |
Specifies when Tenable Security Center scans the server to update the mobile repository. On each scan, Tenable Security Center removes the current data in the repository and replaces it with data from the latest scan. |
Every day at 12:30 -04:00 |
Intune Options
The following table describes the additional options to configure when creating a Microsoft Intune mobile repository.
| Option | Description | Default |
|---|---|---|
| Intune Tenant | The Microsoft Azure Directory value in your Microsoft Intune registration. | -- |
| Intune Client | The Microsoft Azure Application value generated during your Microsoft Intune registration. | -- |
| Intune Secret | The Microsoft Azure client secret key. | -- |
| Intune Username |
The username for the Microsoft Intune user account Tenable Security Center uses to authenticate to Microsoft Intune. |
-- |
| Intune Password | The password for the Microsoft Intune user. | -- |
| Scanner |
Specifies which Tenable Nessus scanner Tenable Security Center uses when scanning the server. Tenable Security Center can only use one Tenable Nessus scanner to add data to a mobile repository. |
-- |
| Update Schedule |
Specifies when Tenable Security Center scans the server to update the mobile repository. On each scan, Tenable Security Center removes the current data in the repository and replaces it with data from the latest scan. |
Every day at 12:30 -04:00 |
MobileIron Options
The following table describes the additional options to configure when creating a MobileIron mobile repository.
| Option | Description | Default |
|---|---|---|
| MobileIron VSP Admin Portal URL | The server URL Tenable Security Center uses to authenticate to the MobileIron administrator portal. | -- |
| VSP Admin Portal Port |
(Optional) The TCP port that the MobileIron administrator portal listens on for communications from Tenable Security Center. |
-- |
| MobileIron Port |
The TCP port that MobileIron listens on for communications from Tenable Security Center. |
443 |
| Username |
The username for the MobileIron administrator account Tenable Security Center uses to authenticate to MobileIron. |
-- |
| Password | The password for the MobileIron administrator user. | -- |
| HTTPS |
When enabled, Tenable connects using secure communication (HTTPS). When disabled, Tenable connects using standard HTTP. |
Enabled |
| Verify SSL Certificate |
When enabled, Tenable verifies that the SSL certificate on the server is signed by a trusted CA. Tip: If you are using a self-signed certificate, disable this setting. |
Enabled |
| Scanner |
Specifies which Tenable Nessus scanner Tenable Security Center uses when scanning the server. Tenable Security Center can only use one Tenable Nessus scanner to add data to a mobile repository. |
-- |
| Update Schedule |
Specifies when Tenable Security Center scans the server to update the mobile repository. On each scan, Tenable Security Center removes the current data in the repository and replaces it with data from the latest scan. |
Every day at 12:30 -04:00 |
Workspace ONE Options
Note: For the Workspace ONE integration to function properly, you must be assigned all the Read-Only permissions available for the role. For more information, see the VMware documentation.
| Setting | Default Value | Description | Required |
|---|---|---|---|
|
Workspace ONE Environment API URL |
– |
The Workspace ONE API url endpoint. (For example, https://xxx.awmdm.com/api) |
yes |
|
Port |
443 |
The TCP port that Workspace ONE listens on for communications from Tenable. |
yes |
|
Workspace ONE Username |
– |
The username for the Workspace ONE user account Tenable uses to authenticate to Workspace ONE's API. |
yes |
|
Workspace ONE Password |
– |
The password for the Workspace ONE user. |
yes |
|
API Key |
– |
The API key for the VMware Workspace ONE API. |
yes |
|
HTTPS |
Enabled |
Enable for Tenable Security Center to authenticate over an encrypted (HTTPS) or an unencrypted (HTTP) connection. |
no |
|
Verify SSL Certificate |
Enabled |
(Appears when HTTPS is enabled) Enable for Tenable Security Center to verify if the SSL Certificate on the server is signed by a trusted CA. |
no |
|
Collect All Device Data |
Yes |
Collects all device data required for plugin checks. |
no |
|
Collect Device Applications |
Yes |
(Appears when Collect All Device Data is disabled) Collects applications installed on mobile devices. |
no |