Get Started With Tenable Security Center Director

Use the following getting started sequence to configure and mature your Tenable Security Center Director deployment. A fully configured Tenable Security Center Director deployment includes one Tenable Security Center Director and one or more managed Tenable.sc instances. For more information, see Tenable Security Center Director Deployments.

  1. Prepare

  2. Configure Managed Tenable.sc Instances

  3. Install

  4. Monitor Scans

  5. Refine

  6. Expand

Prepare

Before you begin, learn about Tenable.sc and Tenable Security Center Director, then establish a deployment plan and analysis workflow to guide your configurations.

  • Design a deployment plan by identifying your organization's objectives and analyzing your network topology. Consider Tenable-recommended best practices for your environment.

    Tenable Security Center Director cannot perform scans. Plan your deployment to ensure you have adequate scan coverage on the Tenable.sc instances you plan to manage from Tenable Security Center Director.
  • Design an analysis workflow. Identify key stakeholders in your management and operational groups, considering the data you intend to share with each stakeholder.

For more information about planning a large enterprise deployment of Tenable.sc, see the Tenable.sc Large Enterprise Deployment Guide.

Configure Managed Tenable.sc Instances

Configure the Tenable.sc instances you want to manage with Tenable Security Center Director.

  1. Install and fully configure Tenable.sc on your managed Tenable.sc instances, as described in Get Started With Tenable.sc in the Tenable.sc User Guide.

    Note: You must run the same version of Tenable.sc on your entire Tenable Security Center Director deployment, including Tenable Security Center Director and all managed Tenable.sc instances that you connect to Tenable Security Center Director. Tenable Security Center Director cannot communicate with managed Tenable.sc instances that are running a different version of Tenable.sc.

  2. To ensure that your Tenable.sc instances can connect to Tenable Security Center Director, apply the required license upgrade to each managed Tenable.sc instance, as described in Update an Existing License in the Tenable.sc User Guide.

  3. Generate API keys for an administrator on each managed Tenable.sc instance, as described in Generate API Keys in the Tenable.sc User Guide.

Install

Install Tenable Security Center Director and perform initial configuration.

Note: You cannot upgrade Tenable.sc to Tenable Security Center Director. If you want to install Tenable Security Center Director on a host where Tenable.sc is already installed, you must uninstall Tenable.sc and perform a clean installation of Tenable Security Center Director on that host. For more information, see Uninstall Tenable.sc.

Note: You must run the same version of Tenable.sc on your entire Tenable Security Center Director deployment, including Tenable Security Center Director and all managed Tenable.sc instances that you connect to Tenable Security Center Director. Tenable Security Center Director cannot communicate with managed Tenable.sc instances that are running a different version of Tenable.sc.

  1. Prepare for the installation, as described in Before You Install.

  2. Install Tenable Security Center Director, as described in Install Tenable Security Center Director.

  3. Perform quick setup, as described in Quick Setup. You can:

    • Apply activation codes for Tenable Nessus, Tenable Nessus Network Monitor, and Log Correlation Engine to allow Tenable Security Center Director to perform plugin updates

    • Connect Tenable.sc instances you want to manage with Tenable Security Center Director

    • Create one organization

    • Create one administrator user account and one security manager account

    • Configure usage statistic collection

    Tenable recommends following the quick setup wizard, but you can configure these features later. For example, do not configure LDAP until you have easy access to all necessary LDAP parameters.

  4. Configure SMTP settings, as described in Mail Settings.

  5. Configure remote repositories, if necessary, as described in Repositories.

  6. Configure security settings (e.g., password complexity requirements and custom banners), as described in Security Settings.

  7. Configure and connect additional managed Tenable.sc instances, if necessary, as described in Connect a Managed Tenable.sc Instance.

Monitor Scans

On your managed Tenable.sc instances, configure and run basic scans, as described in Getting Started with Tenable.sc in the Tenable.sc User Guide.

In Tenable Security Center Director, monitor running scans and scan results to begin evaluating the effectiveness of your deployment plan and analysis workflow.

  • Monitor running scans and scanner availability using the Insights Dashboard.

  • When the scans complete, create template-based dashboards and reports, as described in Dashboards and Reports.

Tenable recommends frequently reviewing your scan results and scan coverage. You may need to modify your scan configurations to suit your organization's objectives and reach all areas of your network.

Tip: You can manage scan policy configurations for active scans on your managed Tenable.sc instances from Tenable Security Center Director using the Tenable Security Center Director API. For more information, see the Tenable.sc API Guide.

Refine

Configure other features in Tenable Security Center Director, if necessary, and refine your existing configurations.

Expand

Review and mature your deployment plan and analysis workflow.

  • Conduct weekly meetings to review your organization's responses to identified vulnerabilities.

  • Conduct weekly management meetings to oversee your teams executing the analysis workflow.

  • Review scan automation settings on your managed Tenable.sc instances and consider revising.

  • Review your scan results and scan coverage. You may need to modify your scan configurations on your managed Tenable.sc instances to suit your organization's objectives and reach all areas of your network.

  • Optimize and operationalize your custom dashboards to meet the needs of individual user account holders.

  • Optimize and operationalize your custom reports to prepare them for distribution.

  • Consider configuring API integrations, as described in the Tenable.sc API Guide and the Tenable.sc API Best Practices Guide.