Scan Permissions Migration
System target group permissions that controlled whether users can scan specified targets have been migrated to access groups.
Note: Tenable plans to deprecate access groups in the near future. Currently, you can still create and manage access groups. However, Tenable recommends that you instead use permissions to manage user and group access to resources on your Tenable Vulnerability Management instance.
This migration affects your existing Tenable Vulnerability Management configuration as follows:
Component | Action |
---|---|
Existing access group |
Tenable Vulnerability Management:
|
Existing system target groups |
For each existing system target group, Tenable Vulnerability Management:
Note: This migration does not delete existing system target groups. The migration removes only the Can Scan permissions from the system target groups. Note: If, at the time of migration, an existing target group includes scan permissions, a Scan label may appear for the group in the Permissions column of the target groups table in the new Tenable Vulnerability Management user interface. This label indicates historical scan permissions only; access groups specify the current scan permissions. |
Existing scan configurations, dashboard filters, and saved searches | Existing scan configurations retain the system target group as a target setting. Existing dashboard filters and saved searches retain the system target group as a filter setting. If you have Can Use permissions for a system target group, you can continue to use the system target group to specify a group of targets in a scan configuration and to use the system target group in filters for dashboards and searches. However, to specify which users can view scan results for the targets, configure Can View permissions in the appropriate access group. |