TOC & Recently Viewed

Recently Viewed Topics

Nessus

The Nessus application must be activated and configured to make the system manageable via a web browser or SecurityCenter.

Until a valid Activation Code is entered or the Nessus scanner has been configured to be managed by SecurityCenter, the message Error: Invalid/Expired Activation Code will be displayed in red on the Nessus Installation Info card on the Nessus page.

Configuration options for Nessus are available in the cards on the Nessus page.

Nessus Installation Info

The Nessus Installation Info section provides information for the Nessus application. Users can view the URLs, Service Status, License, Challenge Code, Application version, and Binary version.

Edit Nessus Users

The Edit Nessus Users section provides a place where user passwords can be updated and user rules can be configured.

Update Password

  1. Select the user from the drop down list.
  2. Enter the New Password in the New Password field.
  3. Confirm the New Password in the Confirm New Password field.
  4. Click Reset Password. A green success message will display at the bottom of the card.

Configure User Rules

  1. Select the user from the drop down list.
  2. Click the Configure User Rules link. A new window will open with a text box to enter the user rules.
  3. Enter the user rules and click Save.
  4. A success message will appear at the bottom of the Edit Nessus User card.

Nessus Plugin Management

The Nessus Plugin Management section enables users to manually update their Nessus plugin set. This is useful in offline situations where SecurityCenter will not have direct access to Tenable’s plugin servers. It is important to disable the SecurityCenter nightly plugin update process when using the manual method.

Note: Nessus cannot be running while these builds are performed. Stop Nessus by selecting the Stop option in the Service Status section on the Nessus Installation Info card.

Rebuild Plugin Database

  1. Click the Rebuild Plugin Database button.
  2. A message with a status update that the system is rebuilding the plugin database will appear at the bottom of the card.
  3. A green Success message will appear when the rebuild is complete.

Remove Plugins

  1. Click the Remove Plugins button.
  2. A message with a status update that the system is removing the plugins appears at the bottom of the card.
  3. A green Success message will appear when the removal is complete.

Nessus Webserver Authentication

The Web Server Authentication section controls the configuration of the SSL Client Certificate authentication permissions. The two options are password or SSL Client Certificate. This setting will control the option available for users to log into the Nessus server via SSL client certificate or password authentication.

  • The SSL Client Certificate option configures the Nessus web server to only accept connections from web browsers that present a valid SSL client certificate. Other connection attempts will be rejected by the web server with the exact message displayed dependent on the web browser in use.
  • The Password option configures the Nessus web server to ignore any SSL client certificates but allow the web browser connection. This is the default setting and works with most web browsers without issue.

To change the Nessus Webserver Authentication:

  1. Click the arrow in the drop down menu to display the options on the Nessus Webserver Authentication card.
  2. Select the desired type of authentication.
  3. Click Set Authentication Type to save the new selection. A green Success message will appear to confirm the update and states that Nessus will have to be restarted for the changes to take effect.

Edit Nessus Rules

This section allows you to define the nessusd.rules, that function the same as the user rules discussed above, to forbid or allow nessusd to connect to some or all ports for the specified IP address or Plugin ID. These rules affect Nessus globally regardless of the defined Nessus user rules.

  1. Make edits directly in the text box displayed.
  2. Click Save Nessus Rules to confirm the update.

Nessus Logs

The Nessus Logs section contains four different log types. Click on the drop down menu to view the Backend log, Webserver log, Error log, and nessussd.messages log. After making your selection, click view log.

 

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.

Documentation ID: 1809041422