Get Started With Tenable.sc

Use the following getting started sequence to configure and mature your Tenable.sc deployment.

  1. Prepare
  2. Install
  3. Configure Scans
  4. Refine
  5. Expand

Prepare

Before you begin, learn about Tenable.sc and establish a deployment plan and analysis workflow to guide your configurations.

  • Access Tenable Support and training resources for Tenable.sc, including:
  • Design a deployment plan by identifying your organization's objectives and analyzing your network topology. Consider Tenable-recommended best practices for your environment. For more information about environment requirements, see Requirements. For information about scan types, see Scanning Overview.

  • Design an analysis workflow. Identify key stakeholders in your management and operational groups, considering the data you intend to share with each stakeholder.

For more information about planning a large enterprise deployment of Tenable.sc, see the Tenable.sc Large Enterprise Deployment Guide.

Install

Install Tenable.sc and perform initial configuration.

  1. Prepare for the installation, as described in Before You Install.
  2. Install Tenable.sc, as described in Install Tenable.sc.
  3. Perform quick setup, as described in Quick Setup. You can:

    • Upload licenses
    • Configure one Nessus scanner
    • Configure one NNM scanner (requires a NNM activation license)
    • Configure one LCE server (requires an LCE® activation license)
    • Create one repository
    • Create one organization
    • Configure one LDAP server
    • Create one administrator user account and one security manager account
    • Configure usage statistic collection

    Tenable recommends following the quick setup wizard, but you can configure these features later. For example, do not configure LDAP until you have easy access to all necessary LDAP parameters.

  4. Configure SMTP settings, as described in Mail Settings.
  5. Configure scan zones, as described in Add a Scan Zone.
  6. Configure additional repositories, if necessary, as described in Repositories.
  7. Configure additional scanners, if necessary, as described in Nessus Scanners, Nessus Network Monitor Instances, and Log Correlation Engines.
  8. Configure security settings (e.g., password complexity requirements and custom banners), as described in Security Settings.

Configure Scans

Configure and run basic scans to begin evaluating the effectiveness of your deployment plan and analysis workflow.

  1. Configure credentials, as described in Credentials.
  2. Create static assets, as described in Add a Custom Asset. For more information about asset types, see Assets.
  3. Configure a Host Discovery policy and a Basic Network Scan policy from Tenable-provided scan policy templates, as described in Add a Scan Policy.
  4. Configure and run scans for those policies, as described in Add an Active Scan and Add an Agent Scan.

  5. Confirm that the scans can access all areas of your network with no credential issues.
  6. Configure NNM scanners, as described in Nessus Network Monitor Instances.
  7. When the scans complete, create template-based dashboards and reports, as described in Dashboards and Reports.

Tenable recommends frequently reviewing your scan results and scan coverage. You may need to modify your scan configurations to suit your organization's objectives and reach all areas of your network.

Refine

Configure other features, if necessary, and refine your existing configurations.

Expand

Review and mature your deployment plan and analysis workflow.

  • Conduct weekly meetings to review your organization's responses to identified vulnerabilities.
  • Conduct weekly management meetings to oversee your teams executing the analysis workflow.
  • Review scan automation settings and consider revising.
  • Review your scan results and scan coverage. You may need to modify your scan configurations to suit your organization's objectives and reach all areas of your network.
  • Optimize and operationalize your custom dashboards to meet the needs of individual user account holders.
  • Optimize and operationalize your custom reports to prepare them for distribution.
  • Consider configuring API integrations, as described in the Tenable.sc API Guide and the Tenable.sc API Best Practices Guide.