Port Requirements

Tenable Security Center port requirements include Tenable Security Center-specific, Tenable Security Center Director-specific, and application-specific requirements.

Tenable Security Center Instance

Your Tenable Security Center instances require access to specific ports for inbound and outbound traffic.

Inbound Traffic

You must allow inbound traffic to the following ports.

Port Traffic
TCP 22 Performing remote repository synchronization with another Tenable Security Center.
TCP 443

Accessing the Tenable Security Center interface.

Communicating with Tenable Security Center Director instances.

Communicating with OT Security instances.

Performing the initial key push for remote repository synchronization with another Tenable Security Center.

Interacting with the API.

Outbound Traffic

You must allow outbound traffic to the following ports.

Port Traffic
TCP 22 Communicating with Log Correlation Engine for event query.
TCP 25

Sending SMTP email notifications.

TCP 443

Communicating with Tenable Lumin for synchronization.

Communicating with the plugins.nessus.org server for plugin updates.

TCP 1243 Communicating with Tenable Log Correlation Engine.
TCP 8834 Communicating with Tenable Nessus.
TCP 8835 Communicating with Tenable Nessus Network Monitor.
UDP 53

Performing DNS resolution.

Tenable Security Center Director

Your Tenable Security Center Director instances require access to specific ports for inbound and outbound traffic.

Inbound Traffic

You must allow inbound traffic to the following ports.

Port Traffic
TCP 22 Performing remote repository synchronization with another Tenable Security Center.
TCP 443

Accessing the Tenable Security Center Director interface.

Communicating with managed Tenable Security Center instances.

Accessing the Tenable Security Center API interface.

Performing automatic SSH key setup to synchronize remote repositories with another Tenable Security Center.

Outbound Traffic

You must allow outbound traffic to the following ports.

Port Traffic
TCP 25

Sending SMTP email notifications.

TCP 443

Communicating with the plugins.nessus.org server for plugin updates.

Performing automatic SSH key setup to synchronize remote repositories with another Tenable Security Center.

UDP 53

Performing DNS resolution.

Tenable Nessus Scanner

Your Tenable Nessus instances require access to specific ports for inbound and outbound traffic.

Inbound Traffic

You must allow inbound traffic to the following ports.

Port Traffic
TCP 8834

Accessing the Tenable Nessus interface.

Communicating with Tenable Security Center.

Interacting with the API.

Outbound Traffic

You must allow outbound traffic to the following ports.

Port Traffic
TCP 25

Sending SMTP email notifications.

TCP 443

Communicating with Tenable Vulnerability Management (sensor.cloud.tenable.com or sensor.cloud.tenablecloud.cn).

Communicating with the plugins.nessus.org server for plugin updates.

UDP 53

Performing DNS resolution.

Tenable Nessus Agent

Your Tenable Nessus Agents require access to specific ports for outbound traffic.

Outbound Traffic

You must allow outbound traffic to the following ports.

Port Traffic
TCP 443

Communicating with Tenable Vulnerability Management.

TCP 8834

Communicating with Tenable Nessus Manager.

Note: The default Tenable Nessus Manager port is TCP 8834. However, this port is configurable and may be different for your organization.

UDP 53

Performing DNS resolution.

Note: Operating system installation commands, such as dnf install, may require other connections besides Tenable Vulnerability Management or Tenable Nessus Manager. Consult your operating system administrator for more information.

Tenable Nessus Network Monitor

Your Tenable Nessus Network Monitor instances require access to specific ports for inbound and outbound traffic.

Inbound Traffic

You must allow inbound traffic to the following ports.

Port Traffic
TCP 8835

Accessing the Tenable Nessus Network Monitor interface.

Communicating with Tenable Security Center.

Outbound Traffic

You must allow outbound traffic to the following ports.

Port Traffic
TCP 443

Communicating with Tenable Vulnerability Management (sensor.cloud.tenable.com or sensor.cloud.tenablecloud.cn).

Communicating with the plugins.nessus.org server for plugin updates.

TCP 601

Communications for reliable TCP syslog forwarding.

UDP 53

Performing DNS resolution.

UDP 514

Communications for UDP syslog forwarding.

Tenable Log Correlation Engine

Your Log Correlation Engine and Log Correlation Engine client instances require access to specific ports for inbound and outbound traffic.

Inbound Traffic

You must allow inbound traffic to the following ports.

Port Traffic
Log Correlation Engine
TCP 22 Communicating with Tenable Security Center for Log Correlation Engine event query.
TCP 601

Communications for reliable TCP syslog forwarding.

TCP 1243 Communicating with Tenable Security Center for Log Correlation Engine event vulnerability import.
TCP 8836

Accessing the Log Correlation Engine interface.

TCP 31300 Communicating with Log Correlation Engine clients.
UDP 162 Communicating with SNMP server for receiving SNMP traps.
UDP 514

Communications for UDP syslog forwarding.

Log Correlation Engine Client
TCP 1468 Communications between network devices and the Tenable Network Monitor.
TCP 9800 Communications between Splunk and the Log Correlation Engine Splunk Client.
TCP 18185 Communications between Check Point firewalls and the Log Correlation Engine OPSEC Client.
UDP 514 Communications between network devices and the Tenable Network Monitor.
UDP 2055 Communications between routers and the Tenable NetFlow Monitor.

Outbound Traffic

You must allow outbound traffic to the following ports.

Port Traffic
Log Correlation Engine
TCP 25

Sending SMTP email notifications.

TCP 443

Communicating with Tenable Vulnerability Management (sensor.cloud.tenable.com or sensor.cloud.tenablecloud.cn).

Communicating with the plugins.nessus.org server for plugin updates.

TCP 601

Communications for reliable TCP syslog forwarding.

UDP 53

Performing DNS resolution.

UDP 514

Communications for UDP syslog forwarding.

Log Correlation Engine Client
TCP 135 Communicating with the targets of the Log Correlation Engine WMI Monitor Client.
TCP 443

Communicating with the web host of the Log Correlation Engine Web Query Client.

TCP 445 Communicating with the targets of the Log Correlation Engine WMI Monitor Client.
TCP 31300 Communicating with Log Correlation Engine.