(Early Access) Configure Tenable Nessus Agent Fallback

Note: This feature is available to a limited pilot group and will be rolled out to a wider audience in the future.

In Tenable Sensor Proxy version 1.0.10 and later, you can configure linked Tenable Nessus Agents to fall back and connect directly to Tenable Vulnerability Management if the agents cannot properly connect to Tenable Sensor Proxy. Agent fallback allows agents to remain online and continue scanning in the event of connectivity issues with Tenable Sensor Proxy.

Once an agent is connected to Tenable Vulnerability Management via fallback, it attempts to reconnect with Tenable Sensor Proxy every 15 minutes.

Agent fallback is disabled by default, but you can enable the fallback setting in the Sensor Proxy sidecar.json file.

Note: This feature can be configured for Tenable Nessus Agents versions 10.7.0 and later.

To configure agent fallback:

  1. In your system file manager, navigate to /opt/sensor_proxy/config/.

  2. Open sidecar.json.

  3. Between the SidecarTokenFile and AgentAgeOutDays lines, enter a new line.

    {

    "Version": "1.0.10",

    "Port": 8080,

    "MeasurementsEnabled": false,

    "MetricsPort": ":4242",

    "Logfile": "/opt/sensor_proxy/logs/sidecar.log",

    "Loglevel": "info",

    "LogStdout": false,

    "LogDefaultContext": "[service]",

    "Upstream": "sensor.cloud.tenable.com",

    "DBFile": "/opt/sensor_proxy/cacheDb.db",

    "CAPemFile": "/usr/local/etc/nginx/ssl/ca.pem",

    "CAKeyFile": "/usr/local/etc/nginx/ssl/ca.key",

    "CertPemFile": "/usr/local/etc/nginx/ssl/cert.pem",

    "CertKeyFile": "/usr/local/etc/nginx/ssl/cert.key",

    "NGINX_port": 443,

    "SidecarName": "Sidecar",

    "SidecarTokenFile": "/etc/sensor-proxy-token",

     

    "AgentAgeOutDays": 21

    }

  4. In the new line, enter the following information to enable agent fallback:

    "OverrideFallback": true,

    The JSON file should now look as follows:

    {

    "Version": "1.0.10",

    "Port": 8080,

    "MeasurementsEnabled": false,

    "MetricsPort": ":4242",

    "Logfile": "/opt/sensor_proxy/logs/sidecar.log",

    "Loglevel": "info",

    "LogStdout": false,

    "LogDefaultContext": "[service]",

    "Upstream": "sensor.cloud.tenable.com",

    "DBFile": "/opt/sensor_proxy/cacheDb.db",

    "CAPemFile": "/usr/local/etc/nginx/ssl/ca.pem",

    "CAKeyFile": "/usr/local/etc/nginx/ssl/ca.key",

    "CertPemFile": "/usr/local/etc/nginx/ssl/cert.pem",

    "CertKeyFile": "/usr/local/etc/nginx/ssl/cert.key",

    "NGINX_port": 443,

    "SidecarName": "Sidecar",

    "SidecarTokenFile": "/etc/sensor-proxy-token",

    "OverrideFallback": true,

    "AgentAgeOutDays": 21

    }

    Alternatively, you can delete the OverrideFallback line to disable agent fallback.

  5. Save your file changes.

  6. Restart Tenable Sensor Proxy to apply the change.