Mobile Repositories

The mobile repository is a local type that stores data from various servers. For more information, see Add a Repository.

General Options

Configure the following options for all mobile repository types.

Option Description Default

Name

The repository name.

--

Description

(Optional) A description for the repository.

--

Type

The type of repository you want to configure. Your Type selection determines the type-specific options you must configure: ActiveSync Options, AirWatch MDM Options, Apple Profile Manager Options, Blackberry UEM Options, Good MDM Options, Microsoft Intune Options, or Mobile Iron Options.

--

Organizations

Specifies which organizations have access to the vulnerability data stored in the repository.

If groups are configured for the organization, Tenable Security Center prompts you to grant or deny access to all of the groups in the organization. For more granular control, grant access within the settings for that group.

--

ActiveSync Options

The following table describes the additional options to configure when creating an ActiveSync mobile repository.

Option Description Default
Domain Controller

The domain controller for ActiveSync.

--
Domain

The Windows domain for ActiveSync.

--
Domain Username

The username for the domain administrator's account that Tenable Security Center uses to authenticate to ActiveSync.

--
Domain Password

The password for the domain administrator user.

--
Scanner

Specifies which Tenable Nessus scanner Tenable Security Center uses when scanning the server. Tenable Security Center can only use one Tenable Nessus scanner to add data to a mobile repository.

--
Update Schedule

Specifies when Tenable Security Center scans the server to update the mobile repository. On each scan, Tenable Security Center removes the current data in the repository and replaces it with data from the latest scan.

Every day at 12:30 -04:00

AirWatch MDM Options

The following table describes the additional options to configure when creating an AirWatch MDM mobile repository.

Option Description Default
AirWatch Environment API URL

The SOAP URL or REST API URL you want Tenable Security Center to use to authenticate with AirWatch.

--

Port

The TCP port that AirWatch listens on for communications from Tenable Security Center.

443

Username

The username for the AirWatch user account Tenable Security Center uses to authenticate to AirWatch's REST API.

--

Password

The password for the AirWatch user.

--

API Key

The API key for the AirWatch REST API.

--

HTTPS

When enabled, Tenable Security Center connects using secure communication (HTTPS).

When disabled, Tenable Security Center connects using standard HTTP.

Enabled

Verify SSL Certificate

When enabled, Tenable Security Center verifies that the SSL certificate on the server is signed by a trusted CA.

Tip: If you are using a self-signed certificate, disable this setting.

Enabled

Scanner

Specifies which Tenable Nessus scanner Tenable Security Center uses when scanning the server. Tenable Security Center can only use one Tenable Nessus scanner to add data to a mobile repository.

--

Update Schedule

Specifies when Tenable Security Center scans the server to update the mobile repository. On each scan, Tenable Security Center removes the current data in the repository and replaces it with data from the latest scan.

Every day at 12:30 -04:00

Apple Profile Manager Options

The following table describes the additional options to configure when creating an Apple Profile Manager mobile repository.

Option Description Default
Server The server URL Tenable Security Center uses to authenticate with Apple Profile Manager. --
Port

The TCP port that Apple Profile Manager listens on for communications from Tenable Security Center.

443
Username

(Optional) The username for the Apple Profile Manager user account Tenable Security Center uses to authenticate to Apple Profile Manager.

--
Password (Optional) The password for the Apple Profile Manager user. --
HTTPS

When enabled, Tenable Security Center connects using secure communication (HTTPS).

When disabled, Tenable Security Center connects using standard HTTP.

Enabled
Verify SSL Certificate

When enabled, Tenable Security Center verifies that the SSL certificate on the server is signed by a trusted CA.

Tip: If you are using a self-signed certificate, disable this setting.

Enabled

Scanner

Specifies which Tenable Nessus scanner Tenable Security Center uses when scanning the server. Tenable Security Center can only use one Tenable Nessus scanner to add data to a mobile repository.

--

Update Schedule

Specifies when Tenable Security Center scans the server to update the mobile repository. On each scan, Tenable Security Center removes the current data in the repository and replaces it with data from the latest scan.

Every day at 12:30 -04:00

Blackberry UEM Options

The following table describes the additional options to configure when creating a Blackberry UEM mobile repository.

Option Description Default
Blackberry UEM Hostname The hostname for the Blackberry UEM server. --
Blackberry UEM Port The port you want Tenable Security Center to use for authenticating to the Blackberry UEM server. --
Blackberry UEM Tenant The SRP ID value in Blackberry UEM. --
Blackberry UEM Domain (Optional) The domain name value in Blackberry UEM. --
Blackberry UEM Username

The username for the Blackberry UEM user account Tenable Security Center uses to authenticate to Blackberry UEM.

--
Blackberry UEM Password The password for the Blackberry UEM user. --
Blackberry UEM SSL

When enabled, Tenable Security Center uses an encrypted connection to authenticate with Blackberry UEM.

Disabled
Blackberry UEM Verify SSL Certificate

When enabled, Tenable Security Center verifies that the SSL certificate on the server is signed by a trusted CA.

Tip: If you are using a self-signed certificate, disable this setting.

Disabled
Scanner

Specifies which Tenable Nessus scanner Tenable Security Center uses when scanning the server. Tenable Security Center can only use one Tenable Nessus scanner to add data to a mobile repository.

--
Update Schedule Specifies when Tenable Security Center scans the server to update the mobile repository. On each scan, Tenable Security Center removes the current data in the repository and replaces it with data from the latest scan. Every day at 12:30 -04:00

Good MDM Options

The following table describes the additional options to configure when creating a Good MDM mobile repository.

Option Description Default
Server The server URL Tenable Security Center uses to authenticate with Good MDM. --
Port

The TCP port that Good MDM listens on for communications from Tenable Security Center.

--
Domain The domain name for Good MDM. --
Username

The username for the Good MDM user account Tenable Security Center uses to authenticate to Good MDM.

--
Password The password for the Good MDM user. --
HTTPS

When enabled, Tenable Security Center connects using secure communication (HTTPS).

When disabled, Tenable Security Center connects using standard HTTP.

Enabled
Verify SSL Certificate

When enabled, Tenable Security Center verifies that the SSL certificate on the server is signed by a trusted CA.

Tip: If you are using a self-signed certificate, disable this setting.

Enabled

Scanner

Specifies which Tenable Nessus scanner Tenable Security Center uses when scanning the server. Tenable Security Center can only use one Tenable Nessus scanner to add data to a mobile repository.

--

Update Schedule

Specifies when Tenable Security Center scans the server to update the mobile repository. On each scan, Tenable Security Center removes the current data in the repository and replaces it with data from the latest scan.

Every day at 12:30 -04:00

MaaS360 Options

The following table describes the additional options to configure when creating a MaaS360 mobile repository.

Option Description Default
Username

The username for the MaaS360 user account Tenable Security Center uses to authenticate to MaaS360.

--
Password The password for the MaaS360 user. --
Root URL

The URL Tenable Security Center uses to authenticate to MaaS360.

--
Platform ID The ID for the device platform. --
Billing ID The billing ID for the MaaS360 account. --
App ID The ID for the MaaS360 application. --
App Version The MaaS360 application version. --
App Access Key The access key for the MaaS360 application. --
Collect All Device Data

When enabled, a mobile repository scan will collect all data.

When disabled, you can select which types of data a mobile repository scan will collect:

  • Collect Device Summary

  • Collect Device Applications

  • Collect Device Compliance

  • Collect Device Policies

Enabled

Scanner

Specifies which Tenable Nessus scanner Tenable Security Center uses when scanning the server. Tenable Security Center can only use one Tenable Nessus scanner to add data to a mobile repository.

--

Update Schedule

Specifies when Tenable Security Center scans the server to update the mobile repository. On each scan, Tenable Security Center removes the current data in the repository and replaces it with data from the latest scan.

Every day at 12:30 -04:00

Microsoft Intune Options

The following table describes the additional options to configure when creating a Microsoft Intune mobile repository.

Option Description Default
Intune Tenant The Microsoft Azure Directory value in your Microsoft Intune registration. --
Intune Client The Microsoft Azure Application value generated during your Microsoft Intune registration. --
Intune Secret The Microsoft Azure client secret key. --
Intune Username

The username for the Microsoft Intune user account Tenable Security Center uses to authenticate to Microsoft Intune.

--
Intune Password The password for the Microsoft Intune user. --
Scanner

Specifies which Tenable Nessus scanner Tenable Security Center uses when scanning the server. Tenable Security Center can only use one Tenable Nessus scanner to add data to a mobile repository.

--
Update Schedule

Specifies when Tenable Security Center scans the server to update the mobile repository. On each scan, Tenable Security Center removes the current data in the repository and replaces it with data from the latest scan.

Every day at 12:30 -04:00

Mobile Iron Options

The following table describes the additional options to configure when creating a Mobile Iron mobile repository.

Option Description Default
MobileIron VSP Admin Portal URL The server URL Tenable Security Center uses to authenticate to the MobileIron administrator portal. --
VSP Admin Portal Port

(Optional) The TCP port that the MobileIron administrator portail listens on for communications from Tenable Security Center.

--
MobileIron Port

The TCP port that MobileIron listens on for communications from Tenable Security Center.

443
Username

The username for the MobileIron administrator account Tenable Security Center uses to authenticate to MobileIron.

--
Password The password for the MobileIron administrator user. --
HTTPS

When enabled, Tenable Security Center connects using secure communication (HTTPS).

When disabled, Tenable Security Center connects using standard HTTP.

Enabled
Verify SSL Certificate

When enabled, Tenable Security Center verifies that the SSL certificate on the server is signed by a trusted CA.

Tip: If you are using a self-signed certificate, disable this setting.

Enabled
Scanner

Specifies which Tenable Nessus scanner Tenable Security Center uses when scanning the server. Tenable Security Center can only use one Tenable Nessus scanner to add data to a mobile repository.

--
Update Schedule

Specifies when Tenable Security Center scans the server to update the mobile repository. On each scan, Tenable Security Center removes the current data in the repository and replaces it with data from the latest scan.

Every day at 12:30 -04:00