Tenable.io Vulnerability Management Licenses

Your Tenable.io Vulnerability Management instance has a licensed asset limit, which determines the number of assets you can scan for vulnerabilities. If you exceed your license limit, you can temporarily continue to use Tenable.io to scan your assets before adjusting your license as needed.

You can view your license information to see how many assets are currently being counted against your Tenable.io license. You can use this information to evaluate how effectively you are using your asset licenses.

To understand licenses, see the following sections:

Note: You can use the Is Licensed (VM) advanced search filter to view assets that currently count against your Tenable.io license. For more information, see Filter a Table.

How Assets are Counted

Tenable.io analyzes multiple asset attributes, not just IP addresses, to identify an asset. For more information on how Tenable.io identifies an asset, see the Tenable.io FAQ.

Assets are counted towards your license limit depending on how Tenable.io discovers, or sees, the asset. In general, an asset does not count against your license limit unless it has been assessed for vulnerabilities.

Assets Counted Assets Not Counted

Conditions where an asset counts towards your license limit can include:

  • An active scan.
  • An agent scan.
  • An import of asset data that contains information on vulnerabilities (for example, Mobile Device Management data).

Conditions where an asset does not count towards your license limit can include:

  • A scan configured with the Host Discovery template or configured to use only the discovery plugins.
  • An import of asset data that does not contain information on vulnerabilities (for example, ServiceNow data).
  • A linked instance of Nessus Network Monitor running in discovery mode.
  • A connector, until and unless the asset is scanned for vulnerabilities.

Reclaiming Licenses

When Tenable.io reclaims a license, that license becomes available for a different asset. Tenable.io reclaims licenses in the following scenarios:

  • When a licensed asset has not been scanned for 90 days, it ages out of the license count.
  • If an asset was discovered through connectors and subsequently became licensed, the asset license is reclaimed the day after the asset is terminated. You can observe this event via the connector.

You can monitor licenses that are expected to be reclaimed in your License Information.

Plugins Excluded from the License Limit

The following plugins do not count towards the license limit.

Note: Plugin IDs are static, but Tenable.io occasionally updates plugin names. For the latest information on plugins, see https://www.tenable.com/plugins.

Nessus Plugins

Nessus Plugin ID Name Family
45590 Common Platform Enumeration General
54615 Device Type General
12053 Host Fully Qualified Domain Name (FQDN) General
11936 OS Identification General
10287 Traceroute Information General
22964 Service Detection Service Detection
11933 Do not scan printers Settings
87413 Host Tagging Settings
19506 Nessus Scan Information Settings
33812 Port scanners settings Settings
33813 Port scanner dependency Settings
10180 Ping the remote host Port scanners
10335 Nessus TCP scanner Port scanners
11219 Nessus SYN scanner Port scanners
14274 Netstat Portscanner (SSH) Port scanners
14272 Netstat Portscanner (WMI) Port scanners
34220 Nessus SNMP Scanner Port scanners
34277 Nessus UDP Scanner Port scanners

Nessus Network Monitor Plugins

Nessus Network Monitor Plugin ID Name
0 Open Ports
12 Host TTL discovered
13 New Hosts
18 Protocols Information
20 IPv6 Tunnel Information
113 VXLAN Information
132 Host Attribute Enumeration