Nessus Pro Vulnerability Scanning QSG

Nessus Pro Vulnerability Scanning QSG

Nessus Pro Vulnerability Scanning Quick Start Guide

 

Deployment Overview

 

The SOC will handle the building and configuration of the Nessus scanner.  The building of the scanner can be done with either direct access to the box or, remote access.

 

Pre-Installation Checklist

The following table represents the various tasks required to complete the deployment along with identifying any specific details and collaterals that may be available to assist in completing the task:

 

Action or Task

Description

Provide scope of scan

The SOC will need to configure what networks to scan or ignore

Provide Credentials

Client to create a service account within their Active Directory for the scanner that will allow it to log into machines on the network.  The service account will need read-only rights.

Provide Schedule

Client to determine time of day and frequency of scans.  It is recommended to run scans during off hours.

 

 

 Solution Connectivity


The following table represents the requirements for your firewall policy to enable the solution:


Outbund Rules

Source

Destination

SOC Appliance Management IP

https://plugins.nessus.org/

 

https://downloads.nessus.org/  

 

https://plugins-customers.nessus.org/

 

https://plugins-us.nessus.org/  

 

https://plugins.cloud.tenable.com/

 

https://appliance.cloud.tenable.com/

 

https://tenablesecurity.com/

 

cloud.tenable.com

 

ocsp.digicert.com

 

Note: SSL inspection on traffic to and from the Tenable update sites is not supported. While access to the update sites can be established, it may not be able to complete updates due to SSL inspection of the traffic.

 

 

 

 

 



    • Related Articles

    • NESSUS VULNERABILITY SCANNER FOR AUTHENTICATED SCANS

      NESSUS VULNERABILITY SCANNER FOR AUTHENTICATED SCANS Credentialed Checks on Windows The process described in this section enables you to perform local security checks on Windows systems. Only Domain Administrator accounts can be used to scan Domain ...

    • XDRaaS - Quick Start Guide (QSG)

      XDRaaS – Quick Start Guide The following items will help guide you through what CyFlare’s deployment team will be working on with you, to get you ingesting data, and moving to being monitored, by the SOC, as quickly as possible. The main items that ...

    • AlienVault USM Anywhere Customer Quick Start Guide

      Summary This document is intended as a step by step guide for new customer implementations of USM Anywhere with an introduction to the incident ticketing process and interacting with the SOC.  The solution and service are deployed in phases. The ...

    • Centers Of Excellence Overview

      Centers Of Excellence Overview The cyber security industry consists of 100's of manufacturers that have generated 1000's of security solutions. While many of these solutions overlap in purpose and functionality each have their own specifics related ...

    • Alienvault-Advisory

        SolarWinds Orion Supply Chain Attack                        Detections in AT&T Unified Security Management™ and IoCs in the AT&T Alien Labs Open Threat Exchange™ December 16, 2020, 11:15am (CST) TLP: Amber Dear USM Customer, The details of this ...