Quick Setup

The Tenable.sc Quick Setup Guide walks through the following configurations:

After configuring, Review and confirm.

License

Upload your Tenable.sc license and apply additional product licenses.

Tenable.sc License

  1. Click Choose File to upload the Tenable.sc license file you received from Tenable.

    The file should follow the format:

    <CompanyName>_SC<IP Count>-<#>-<#>.key

  2. Click Activate.

    The page confirms successful upload and activation of a valid license.

Consider adding additional license activation codes:

  • Tenable.sc license activation code — required before adding any Nessus scanners. The Tenable.sc license activation code allows Tenable.sc to download plugins and update Nessus scanner plugins.

    In the Nessus section, type the Tenable.sc activation code and click Register.

  • NNM license activation code — required before using and managing attached NNM scanners.

    In the NNM section, type the NNM activation code and click Register.

  • LCE Activation Code — required before downloading LCE Event vulnerability plugins to Tenable.sc. The LCE Activation Code allows Tenable.sc to download event plugins, but it does not manage plugin updates for LCE servers.

    In the LCE section, type the Log Correlation Engine activation code and click Register.

Click Next to continue.

A plus (+) sign indicates that no license is applied for the product. A box with an X indicates an invalid activation code. Click on the plus (+) or X to add or reset a license activation code.

A box with a checkmark indicates a valid license is applied and that Tenable.sc initiated a plugin download in the background.

The download may take several minutes and must complete before initiating any Nessus scans. After the download completes, the Last Updated date and time update on the Plugins page.

Nessus Scanner

Configure your first Nessus scanner. For information about the options you can configure, see Nessus Scanners. There are some limitations on the scanner options you can configure during Quick Start:

  • Agent Capable: If you use a Tenable.io or Nessus Manager scanner for Nessus Agent scan imports, do not configure that scanner during the Quick Start.
  • Zones: If you want to grant scan zones access to this scanner, you must configure the Zones option after the Quick Start.

NNM

If you added an NNM license activation code, you can configure your first NNM scanner. For information about the options you can configure, see Nessus Network Monitor Instances. There are some limitations on the scanner options you can configure during Quick Start:

  • Repositories: If you want to select repositories to store the scanner's data, you must configure the Repositories option after the Quick Start.

LCE

If you added an LCE Activation Code, you can configure your first Log Correlation Engine scanner. For information about the options you can configure, see Log Correlation Engines. There are some limitations on the scanner options you can configure during Quick Start:

  • Organizations: If you want to select organizations that can access the scanner's data, you must configure the Organizations option after the Quick Start.
  • Repositories: If you want to select repositories to store the scanner's data, you must configure the Repositories option after the Quick Start.

Repository

You can configure your first local IPv4 or IPv6 repository.

Caution: When creating repositories, note that IPv4 and IPv6 addresses must be stored separately. Additional repositories may be created once the initial configuration is complete.

A repository is essentially a database of vulnerability data defined by one or more ranges of IP addresses. When the repository is created, a selection for IPv4 or IPv6 addresses must be made. Only IP addresses of the designated type may be imported to the designated repository. The organization created in steps that follow can take advantage of one or more repositories. During installation, a single local repository is created with the ability to modify its configuration and add others post-install.

Caution: When creating Tenable.sc repositories, LCE event source IP address ranges must be included along with the vulnerability IP address ranges or the event data is not accessible from the Tenable.sc UI.

Local repositories are based on the IP addresses specified in the IP Ranges option on this page during the initial setup. Remote repositories use addressing information pulled over the network from a remote Tenable.sc. Remote repositories are useful in multi-Tenable.sc configurations where security installations are separate but reports are shared. Offline repositories also contain addressing information from another Tenable.sc. However, the information is imported to the new installation via a configuration file and not via a direct network connection. For information about how this works in air-gapped environments, see Considerations for Air-Gapped Environments.

For information about the options you can configure, see Local Repositories. There are some limitations on the repositories and repository options you can configure during Quick Start:

  • You cannot configure a local mobile repository during Quick Start.
  • You cannot configure a local agent repository during Quick Start.
  • You cannot configure an external repository during Quick Start.
  • Organizations: If you want to select organizations that can access the repository's data, you must configure the Organizations option after the Quick Start.
  • LCE Correlation: If you want to select LCE servers where you want Tenable.sc to retrieve data, you must configure the LCE Correlation option after the Quick Start.

Organization

An organization is a set of distinct users and groups and the resources they have available to them. For information about the options you can configure, see Organizations.

You can configure one organization during initial setup. If you want to use multiple organizations, you must configure other organizations after the Quick Start.

LDAP

Configuring LDAP allows you to use external LDAP servers for the Tenable.sc user account authentication or as LDAP query assets. Type all required LDAP server settings and click Next. Click Skip if you do not want to configure LDAP during initial configuration.

You can configure one LDAP server connection during initial setup. If you want to use multiple LDAP servers, or if you want to configure additional options, you must continue configuring LDAP after the Quick Start.

For information about the options you can configure, see LDAP Authentication.

User

You must create one administrator and one security manager during initial setup. For more information, see User Roles.

  • Security manager — a user to manage the organization you just created. After you finish initial setup, the security manager can create other user accounts within the organization.

  • Administrator — a user to manage Tenable.sc. After you finish initial setup, the administrator can create other organizations and user accounts.

If you already configured an LDAP server, you have the option to create an LDAP user account. For more information about user account options, see User Accounts.

After creating the security manager user and setting the administrator password, click Next to finish initial setup. The Admin Dashboard page appears, where you can review login configuration data.

Additional Settings

The Enable Usage Statistics option specifies whether Tenable collects anonymous telemetry data about your Tenable.sc deployment.

When enabled, Tenable collects usage statistics that cannot be attributed to a specific user or customer. Tenable does not collect personal data or personally identifying information (PII).

Usage statistics include, but are not limited to, data about your visited pages, your used reports and dashboards, your Tenable.sc license, and your configured features. Tenable uses the data to improve your user experience in future Tenable.sc releases. You can disable this option at any time to stop sharing usage statistics with Tenable.

For more information about enabling or disabling this option after initial setup, see Configuration Settings.

Review

The review page displays your currently selected configurations. If you want to make further changes, click the links in the left navigation bar.

When you are finished, click Confirm.