Tenable.sc Director Deployments

You can use Tenable.sc Director to manage Nessus scanners and scan zones and monitor scan results on multiple Tenable.sc instances. If your deployment includes several instances of Tenable.sc, Tenable recommends using Tenable.sc Director to remotely monitor your Tenable.sc instances.

A Tenable.sc Director deployment includes:

  • One Tenable.sc Director where you connect managed Tenable.sc instances. You use Tenable.sc Director to centralize and monitor data collected by your managed Tenable.sc instances.

    Tenable.sc Director cannot perform scans. Plan your deployment to ensure you have adequate scan coverage on the Tenable.sc instances you plan to manage from Tenable.sc Director.
  • One or more managed Tenable.sc instances. You connect managed Tenable.sc instances to collect vulnerability data that can be viewed in Tenable.sc Director.

    Note: You must run the same version of Tenable.sc on your entire Tenable.sc Director deployment, including Tenable.sc Director and all managed Tenable.sc instances that you connect to Tenable.sc Director. Tenable.sc Director cannot communicate with managed Tenable.sc instances that are running a different version of Tenable.sc.

To plan and fully configure your Tenable.sc Director deployment, see Get Started With Tenable.sc Director.

For more information, see:

Monitor Your Tenable.sc Director Deployment

After you acquire a Tenable.sc Director license, configure Tenable.sc Director, and connect one or more managed Tenable.sc instances, you can monitor the following details from Tenable.sc Director:

  • The status, version, and total number of Nessus Scanners running on each managed Tenable.sc instance

  • The Scan Zones configured on each managed Tenable.sc instance

  • The scan results of scans run on each managed Tenable.sc instance

  • A summary of plugin sets used on each managed Tenable.sc instance

  • A summary of plugin sets used by Nessus scanners on each managed Tenable.sc instance

  • The version of Tenable.sc running on each managed Tenable.sc instance

You can configure the following from Tenable.sc Director:

Note: You can only edit configurations for Nessus scanners and scan zones on managed Tenable.sc instances from Tenable.sc Director. To manage other configurations on a managed Tenable.sc instance, log in to that instance.

Note: You cannot download Nessus scanner logs on managed Tenable.sc instances from Tenable.sc Director. To download Nessus scanner logs on a managed Tenable.sc instance, log in to that instance.

Tip: Managed Tenable.sc instances cannot share repository data. For more information about sharing repository data between Tenable.sc instances, see Tiered Remote Repositories.

Tip: Using the Tenable.sc Director API, you can perform the following actions to manage active scans on your managed Tenable.sc instances:

  • Add, retrieve, and delete scan and scan policy configurations for active scans.

  • Retrieve scan objects, such as users, scan policies, repositories, and scan zones for active scans.

For more information, see the Tenable.sc API Guide.