Target Groups

You can still use target groups to manage your scan targets. However, Tenable recommends that you instead use tags to group and scan your assets when possible. In the future, when tagging features and options match those currently available in target groups, Tenable will convert your target groups into tags and retire your existing target groups. No action is required on your part, and Tenable will provide you with 60 calendar days notice before converting and retiring your target groups. For more information, contact your Tenable representative.

A target group allows you to construct a list of scan targets by FQDN, CIDR notation, or IP address range. You can then specify which users in your organization can use the target group in scan configurations or filtering dashboards (including workbenches).

Note: Tenable recommends limiting the number of targets in any single target group. When filtering a dashboard by a target group with too many targets, Tenable Vulnerability Management may fail to show data.

Note: Scan targets listed by CIDR notation must be in one of the following formats:
  • xx.xx.0.0/16
  • xx.xx.xx.0/24

If you grant a user permissions in a target group, the user can use the target group in the Target Groups option for scan configuration. However, you must also grant the user Can Scan permissions in an access group for the targets, or Tenable Vulnerability Management excludes the targets from the scan results. For more information, see Permissions.

To manage target groups, use the following procedures: