Tenable Security Center Director Deployments
You can use Tenable Security Center Director to manage Tenable Nessus scanners and scan zones and monitor scan results on multiple Tenable Security Center instances. If your deployment includes several instances of Tenable Security Center, Tenable recommends using Tenable Security Center Director to remotely monitor your Tenable Security Center instances.
A Tenable Security Center Director deployment includes:
-
One Tenable Security Center Director where you connect managed Tenable Security Center instances. You use Tenable Security Center Director to centralize and monitor data collected by your managed Tenable Security Center instances.
Tenable Security Center Director cannot perform scans. Plan your deployment to ensure you have adequate scan coverage on the Tenable Security Center instances you plan to manage from Tenable Security Center Director. -
One or more managed Tenable Security Center instances. You connect managed Tenable Security Center instances to collect vulnerability data that can be viewed in Tenable Security Center Director.
Note: You must run the same version of Tenable Security Center on your entire Tenable Security Center Director deployment, including Tenable Security Center Director and all managed Tenable Security Center instances that you connect to Tenable Security Center Director. Tenable Security Center Director cannot communicate with managed Tenable Security Center instances that are running a different version of Tenable Security Center.
Note: To enable cumulative vulnerability data analysis, add the repositories of your managed Tenable Security Center Director instances as Remote Repositories.
To plan and fully configure your Tenable Security Center Director deployment, see Get Started With Tenable Security Center Director.
For more information, see:
Monitor Your Tenable Security Center Director Deployment
After you acquire a Tenable Security Center Director license, configure Tenable Security Center Director, and connect one or more managed Tenable Security Center instances, you can monitor the following details from Tenable Security Center Director:
-
The status, version, and total number of Tenable Nessus Scanners running on each managed Tenable Security Center instance
-
The Scan Zones configured on each managed Tenable Security Center instance
-
The scan results of scans run on each managed Tenable Security Center instance
-
A summary of plugin sets used on each managed Tenable Security Center instance
-
A summary of plugin sets used by Tenable Nessus scanners on each managed Tenable Security Center instance
-
The version of Tenable Security Center running on each managed Tenable Security Center instance
You can configure the following from Tenable Security Center Director:
-
Add, edit, and delete Tenable Nessus scanners and scan zones on managed Tenable Security Center instances. For more information, see Tenable Nessus Scanners and Scan Zones.
-
Pause, resume, or stop scans that are running on managed Tenable Security Center instances, as described in Pause, Resume, or Stop Scans on a Managed Tenable Security Center Instance.
Note: You can only edit configurations for Tenable Nessus scanners and scan zones on managed Tenable Security Center instances from Tenable Security Center Director. To manage other configurations on a managed Tenable Security Center instance, log in to that instance.
Note: You cannot download Tenable Nessus scanner logs on managed Tenable Security Center instances from Tenable Security Center Director. To download Tenable Nessus scanner logs on a managed Tenable Security Center instance, log in to that instance.
Tip: Managed Tenable Security Center instances cannot share repository data. For more information about sharing repository data between Tenable Security Center instances, see Tiered Remote Repositories.
Tip: Using the Tenable Security Center Director API, you can perform the following actions to manage active scans on your managed Tenable Security Center instances:
-
Add, retrieve, and delete scan and scan policy configurations for active scans.
-
Retrieve scan objects, such as users, scan policies, repositories, and scan zones for active scans.
For more information, see the Tenable Security Center API Guide.