Before You Install
Note: A basic understanding of Linux is assumed throughout the installation, upgrade, and removal processes.
Confirm your licenses are valid for your Tenable.sc Director deployment. Tenable.sc Director does not support an unlicensed demo mode.
For more information, see License Requirements.
Plan Your Tenable.sc Director Deployment Version
You must run the same version of Tenable.sc on your entire Tenable.sc Director deployment, including Tenable.sc Director and all managed Tenable.sc instances that you connect to Tenable.sc Director. Tenable.sc Director cannot communicate with managed Tenable.sc instances that are running a different version of Tenable.sc.
If you have already installed and configured the Tenable.sc instances you plan to manage with Tenable.sc Director, do one of the following:
Download and install the same version of Tenable.sc Director that you are already running on your Tenable.sc instances.
Plan to upgrade your managed Tenable.sc instances to the same version as your Tenable.sc Director.
For more information about managing Tenable.sc instances with Tenable.sc Director, see Tenable.sc Director Deployments.
Disable Default Web Servers
Tenable.sc Director provides its own Apache web server listening on port 443. If the installation target already has another web server or other service listening on port 443, you must disable that service on that port or configure Tenable.sc Director to use a different port after installation.
Identify which services, if any, are listening on port 443 by running the following command:
# ss -pan | grep ':443 '
If there are any services listening on port 443, you must either disable or run them on a different port.
Modify Security Settings
Tenable.sc Director supports disabled, permissive, and enforcing mode Security-Enhanced Linux (SELinux) policy configurations. For more information, see SELinux Requirements.
Perform Log File Rotation
The installation does not include a log rotate utility; however, the native Linux
logrotate tool is supported post-installation. In most Red Hat environments,
logrotate is installed by default. The following logs are rotated if the
logrotate utility is installed:
All files in
/opt/sc/support/logs matching *log
During an install/upgrade, the installer drops a file named SecurityCenter into
/etc/logrotate.d/ that contains log rotate rules for the files mentioned above.
Log files are rotated on a monthly basis. This file is owned by
Allow Tenable Sites
To allow Tenable.sc Director to communicate with Tenable servers for product updates and plugin updates, Tenable recommends adding Tenable sites to an allow list at the perimeter firewall. For more information, see the knowledge base article.