Plan Your Tenable One Synchronization
Tenable recommends planning your synchronization strategy to accommodate synchronization limitations and limit data duplication in Tenable Vulnerability Management.
Can I communicate with Tenable Vulnerability Management through a proxy?
To use the proxy configured for your Tenable Security Center instance for communications with your Tenable Vulnerability Management instance, contact Tenable Support.
Can I synchronize multiple Tenable Security Center instances?
You can synchronize data from multiple Tenable Security Center instances or managed Tenable Security Center instances to a single Tenable Vulnerability Management instance.
The following are some prerequisites and considerations for syncing more than one Tenable Security Center to Tenable Vulnerability Management.
Every repository that you sync with Tenable Vulnerability Management must have a unique name, across all Tenable Security Center instances.
If two repositories in different Tenable Security Center instances have the same name, and you sync both repositories with Tenable Vulnerability Management, the second repository sync will fail when Tenable Security Center attempts to create the network, because there will already be a network in Tenable Vulnerability Management with the same name.
Every asset list that you sync with Tenable Vulnerability Management must have a unique name, across all Tenable Security Center instances.
If two asset lists in different Tenable Security Center instances have the same name, and you sync both asset lists with Tenable Vulnerability Management, the second asset list sync will fail due to duplicate tag names.
Note: Unique asset list names are important because every organization in Tenable Security Center comes with the same default set of dynamic asset lists.
You cannot sync a Tenable Security Center Director instance with Tenable Vulnerability Management. However, you can sync multiple managed Tenable Security Center instances with Tenable Vulnerability Management.
To prevent sync issues due to overlapping IP addresses across repositories, enable Network Support in each Tenable Security Center instance. Network Support is enabled by default in Tenable Security Center 5.19.x and later. For more information, see Network Support and Repository Overlap.
What data does synchronization include?
Tenable Security Center supports synchronizing:
IPv4 addresses within dynamic assets and IPv4 addresses within static assets.
Note: You cannot synchronize IPv6 addresses within static assets. If an asset contains a mix of IPv4 and IPv6 addresses, Tenable Security Center synchronizes only the IPv4 addresses.
Note: You cannot synchronize non-IPv4 assets within dynamic assets. If a dynamic asset contains other asset types, Tenable Security Center synchronizes only the IPv4 addresses.
Note: You cannot synchronize DNS name list assets, LDAP query assets, combination assets, watchlist assets, or import assets.
Active or agent cumulative database and scan result vulnerability data stored in IPv4, IPv6, agent, and universal repositories.
The initial synchronization includes all cumulative database data from the repository. All subsequent synchronizations include only the new or modified scan result data imported to the repository.
Note: You cannot synchronize passive scan result vulnerability data. Tenable Security Center identifies vulnerability data by plugin family and excludes Tenable Nessus Network Monitor and LCE plugin families from synchronization.
Caution: To avoid data merge issues in Tenable Vulnerability Management, Tenable recommends enabling Network Support or resolving all repository overlaps before synchronizing data to Tenable Vulnerability Management. You cannot resolve data merge issues after synchronizing a repository with Tenable Vulnerability Management; you must enable Network Support or resolve overlapping repositories in Tenable Security Center before synchronizing a repository for the first time. For more information, see Network Support and Repository Overlap.
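A pre-synchronization check for the naming prerequisites and data limitations described above, as an added example that is not Tenable code. It assumes you have already collected repository and asset list names from each Tenable Security Center instance; the inventory layout, instance names, and asset type labels are hypothetical and constructed for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address

# Asset list types the page says cannot be synchronized (labels are this example's own).
UNSYNCABLE_TYPES = {"dns", "ldap", "combination", "watchlist", "import"}

# Constructed sample inventory: names and fields are hypothetical, not a Tenable export format.
INVENTORY = {
    "sc-east": {
        "repositories": ["East-DMZ", "Corp-Servers"],
        "asset_lists": [
            {"name": "Windows Hosts", "type": "dynamic", "ips": []},
            {"name": "East Web Tier", "type": "static", "ips": ["10.1.0.5", "2001:db8::5"]},
        ],
    },
    "sc-west": {
        "repositories": ["West-DMZ", "Corp-Servers"],
        "asset_lists": [
            {"name": "Windows Hosts", "type": "dynamic", "ips": []},
            {"name": "West LDAP Group", "type": "ldap", "ips": []},
        ],
    },
}

def name_collisions(inventory, kind):
    """Return {name: [instances]} for names that appear more than once across instances."""
    seen = defaultdict(list)
    for instance, data in sorted(inventory.items()):
        for item in data[kind]:
            name = item["name"] if isinstance(item, dict) else item
            seen[name].append(instance)
    return {n: insts for n, insts in seen.items() if len(insts) > 1}

def sync_gaps(inventory):
    """List (instance, asset list, reason) for content that will not synchronize."""
    gaps = []
    for instance, data in sorted(inventory.items()):
        for al in data["asset_lists"]:
            if al["type"] in UNSYNCABLE_TYPES:
                gaps.append((instance, al["name"], "asset type not synchronized"))
            v6 = [ip for ip in al["ips"] if ip_address(ip).version == 6]
            if v6:
                gaps.append((instance, al["name"], f"{len(v6)} IPv6 address(es) skipped"))
    return gaps

if __name__ == "__main__":
    print("Repository name collisions:", name_collisions(INVENTORY, "repositories"))
    print("Asset list name collisions:", name_collisions(INVENTORY, "asset_lists"))
    for gap in sync_gaps(INVENTORY):
        print("Will not sync:", gap)
```

Any name the check reports must be renamed in one of the instances before the second synchronization, and the listed gaps show which assets will be missing or partial in Tenable Vulnerability Management.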
Do I need to synchronize both data types (repositories and assets)?
Yes. In order to accurately assess your Cyber Exposure risk with Tenable Lumin, you must synchronize one or more asset lists and one or more repositories containing vulnerability data for those assets.
Should I resolve repository overlaps or enable Network Support?
If you first configured Tenable Lumin synchronization in Tenable Security Center 5.19.x or later, Network Support is enabled by default and cannot be disabled.
If you first configured Tenable Lumin synchronization in Tenable Security Center 5.18.x or earlier and upgraded to Tenable Security Center 5.19.x or later, you can decide to enable Network Support instead of resolving repository overlaps in the Tenable Security Center repositories you synchronize with Tenable Vulnerability Management. Contact your Tenable representative to enable Network Support.
Tip: For the purpose of determining the default setting for Network Support, Tenable Lumin synchronization is configured if you have configured the Tenable.io Connection Settings and selected at least one repository to synchronize.
Vulnerability and asset data synchronize differently to Tenable Vulnerability Management.
After you initiate a synchronization, Tenable Security Center immediately begins transferring data to Tenable Vulnerability Management. After 10-15 minutes, data begins appearing in Tenable Vulnerability Management.
Newly transferred data does not immediately impact your Tenable Lumin metrics (for example, your CES). Tenable requires
All data and recalculated Tenable Lumin metrics appear in Tenable Vulnerability Management within
Recalculated metrics appear in Tenable Security Center after the next daily retrieval.
Asset data (tags in Tenable Vulnerability Management)
Which of my synchronized assets count toward my Tenable Vulnerability Management license?
Synchronized assets that count toward your Tenable Security Center license also count toward your Tenable Vulnerability Management license. For more information about Tenable Security Center asset counting, see License Requirements.
You can view your synchronized data in both the Vulnerability Management and Tenable Lumin areas of Tenable Vulnerability Management.
View your synchronized data on the Assets page. For more information, see View Assets in Tenable Vulnerability Management.
View your synchronized data on any Tenable One page. For more information, see Tenable Lumin.
Tip: To view limited metrics Tenable Security Center retrieves from Tenable Lumin in Tenable Vulnerability Management, see View Tenable One Metrics.