Considerations for Air-Gapped Environments
Consider the following when deploying Tenable.sc in an air-gapped (offline) environment.
You must deploy a Tenable.sc and a set of scanners within each air-gapped network.
If you want to consolidate data from other networks with the data generated in your air-gapped network, you can use offline repositories to export data from your air-gapped Tenable.sc to your other instance of Tenable.sc. This supports both consolidated and federated reporting structures.
Upgrades and Updates
Tenable recommends performing Tenable.sc upgrades at least once a year (quarterly preferred) and plugin/feed updates at least once a month. After you perform a plugin update, run comprehensive scans to take advantage of the new vulnerability data and generate current scan results.
Note: A few plugins require internet access and cannot run in an air-gapped environment. For example, Nessus plugin 52669 checks to see if a host is part of a botnet.
After you perform a plugin update or feed update, verify the files as described in the knowledge base article.
To perform a Tenable.sc upgrade or a plugin/feed update offline:
Tip: You can use the API to automate some Tenable.sc upgrade and plugin update process.
- Download the files in a browser or via the API.
- Verify the integrity of the files.
- Move the files to your Tenable.sc instance.
- Upload the files to Tenable.sc.
If you deployed Nessus Manager to manage Nessus Agents in an air-gapped environment, perform an offline software update (nessus-agent-updates-X.X.X.tar.gz on the Tenable Downloads site) on your Nessus Manager. Nessus Manager pushes the update to the managed Nessus Agents.
For more information, see the knowledge base article.