Configure Scan Routing

With scan routing, you can automatically dispatch scanning across multiple scanner groups according to the network areas to which each group has access. Scan routing reduces scan configuration and management overhead by eliminating the need to configure specific scanners for each individual scan. This feature can represent a significant benefit in large deployments. To improve operational efficiency, team members with higher privileges can manage the scanner pools, which can then be used by lower-privileged team members during scan configuration

Note: Scan routing is available for linked scanners only.

If you configure scan routing for a scan, when the scan runs, Tenable Vulnerability Management automatically does the following:

  • Assigns the scan targets to the scanner group configured with the narrowest matching target range.
  • Within that scanner group, assigns targets to scanners as they check in, according to their capacity and the targets still available.

For more information, see Configuration Guidelines.

Note: Tenable recommends pre-planning your scan routing strategy to efficiently target discrete areas of your network. If configured improperly, scan routing can prevent scanners from reaching their targets.

To configure scan routing:

  1. Review the configuration guidelines for scan routing.

Configuration Guidelines

  • When configuring scan routes, Tenable recommends using IP ranges and CIDR ranges instead of individual IP addresses where possible. This approach differs from the recommended approach for scan targets, where narrower target values are recommended.

  • Tenable Vulnerability Management does not support a numeric range format for IPv6 addresses. Instead, use a CIDR format for IPv6 address ranges.
  • Typically, Tenable recommends adding an individual scanner to only one scanner group. In some cases, however, you may want to configure overlapping scanner groups to ensure scanning coverage or redundancy. If a host is targeted by two or more overlapping scanner groups, Tenable Vulnerability Management chooses any one of the groups to scan it; none of the groups is given preference.
  • For a definition of scanner availability in a scanner group, see Scanner Groups.

Supported Scan Routing Target Formats

Tenable Vulnerability Management supports the following formats for scan routing targets:

Target Format


A single IPv4 address

A single IPv6 address


An IPv4 range with a start and end address

An IPv4 subnet with CIDR notation

An IPv6 subnet with CIDR notation 2001:db8::/32

A host resolvable to either an IPv4 or an IPv6 address

A host resolvable to either an IPv4 address or an IPv 6 address with a wildcard as the subdomain *