The SOC will handle the building and configuration of the Nessus scanner. The building of the scanner can be done with either direct access to the box or, remote access.
The following table represents the various tasks required to complete the deployment along with identifying any specific details and collaterals that may be available to assist in completing the task:
Action or Task |
Description |
Provide scope of scan |
The SOC will need to configure what networks to scan or ignore |
Provide Credentials |
Client to create a service account within their Active Directory for the scanner that will allow it to log into machines on the network. The service account will need read-only rights. |
Provide Schedule |
Client to determine time of day and frequency of scans. It is recommended to run scans during off hours. |
Solution Connectivity
The following table represents the requirements for your firewall policy to enable the solution:
Outbund Rules
Source |
Destination |
SOC Appliance Management IP |
|
|
https://downloads.nessus.org/ |
|
|
|
https://plugins-us.nessus.org/ |
|
|
|
|
|
|
|
cloud.tenable.com |
|
ocsp.digicert.com |
Note: SSL inspection on traffic to and from the Tenable update sites is not supported. While access to the update sites can be established, it may not be able to complete updates due to SSL inspection of the traffic.