How-to Guide: Tenable.io for Microsoft Azure. Last Updated: November 16, 2018


Table of Contents

Introduction
Auditing the Microsoft Azure Cloud Environment
Provisioning Tenable Core Nessus (BYOL) from the Microsoft Azure Marketplace
Nessus Agent Scans of Microsoft Azure Cloud Virtual Machines
About Tenable

Introduction

Tenable is the first and only solution to offer security visibility, Azure cloud environment auditing, system hardening, and continuous monitoring so you can regain visibility, reduce attack surface, and detect malware across your Microsoft Azure deployments.

This document describes how to deploy the following Tenable solutions to help ensure a secure and compliant Microsoft Azure cloud environment:

- Auditing Microsoft Azure Cloud Environment
- Tenable Core Nessus (BYOL)
- Nessus Agent Scans of Microsoft Azure Cloud Instances

It is as important to run these assessments in Microsoft Azure as it is in any other IT environment.

Please email any comments and suggestions to support@tenable.com.

Auditing the Microsoft Azure Cloud Environment

Tenable offers the ability to audit the Microsoft Azure Cloud environment to detect misconfigurations in the cloud environment and account settings. Audits can be performed using Tenable.io. No preauthorization is needed from Microsoft to perform the audit, but a Microsoft Azure account is required.

In order to perform an audit of the Microsoft Azure cloud environment, Tenable.io needs a Microsoft Azure Client ID. To obtain a Client ID, navigate to Microsoft Azure (https://manage.windowsazure.com) and log in.

In the Microsoft Azure Interface

1. Log in to the Microsoft Azure portal.
2. In the left-hand menu, click Azure Active Directory.
3. Click App registrations.
4. To add a new application, click New Application Registration.
5. In the Create section, enter a descriptive Name for the application.
6. In the Application Type drop-down, select Native.
7. In the Redirect URL box, enter a URL.
   Note: You can use a fake URL for the Redirect URL.
8. Click Create to finalize the settings.
9. A success message displays at the top of the page stating that the new application has been created.
10. Double-click on the newly created application to display its details.
11. Copy the Application ID. This information is used to complete the audit configuration with Tenable.io.
12. Click Test Application > Settings > Required Permissions.
13. In the Required Permissions section, click + Add.
14. In the Add API access section, click Select an API.
15. Once selected, the Select an API options appear. Highlight Windows Azure Service Management API and click Select.
16. Check the box next to Access Azure Service Management as organization users (preview) to enable the permissions.
17. Once enabled, click Select.
18. Click Done to finalize the settings.

In the Tenable.io Interface

1. Log in to Tenable.io.
2. Click New Scan.
3. Select the Audit Cloud Infrastructure template.
4. In the Name box, type a descriptive name for the scan.
5. Click Credentials.
6. Click Microsoft Azure.
   Note: See the Required User Privileges section in the Nessus User Guide for the required Microsoft Azure privileges.
7. In the appropriate boxes, enter your Microsoft Azure Username and Password, Client ID (Application ID), and Subscription IDs.
   Note: Leave the Subscription IDs box blank if you want to audit all of your Azure subscriptions.
8. Click Compliance.
9. Click Microsoft Azure. The Microsoft Azure options appear. Tenable offers three pre-configured compliance checks and provides the ability to upload a custom Azure audit file.
   - Microsoft Azure Best Practices Infrastructure: This audit file implements a set of general best practices for Microsoft Azure infrastructure items including Principals, Virtual Networks, Certificates, and Virtual Machines.
   - Microsoft Azure Best Practices Websites: This audit file implements a set of general best practices for Microsoft Azure Website items including Website Status, SSL Status, and recent Site modifications.
   - Microsoft Azure Best Practices Databases: This audit file implements a set of general best practices for Microsoft Azure items including Database Configuration, Audit Events, and Recoverable Databases.
10. Click each compliance check you want to add to the scan.
11. If you choose to add a custom audit file, click Add File and select the file to upload.
12. Do one of the following:
    - Click Save.
    - Click the drop-down arrow next to Save and select Launch to initiate the scan.

For additional information on configuring Tenable.io scans, please refer to the Tenable.io User Guide.

Provisioning Tenable Core Nessus (BYOL) from the Microsoft Azure Marketplace

The Tenable Core Nessus (BYOL) is an instance of Tenable.io installed within Microsoft Azure that allows scanning of the Azure cloud environments and instances. Tenable Core Nessus (BYOL) capabilities include web application scanning and detection of vulnerabilities, compliance violations, misconfigurations, and malware.

Customers interested in leveraging Tenable Core Nessus (BYOL) to secure their environments and instances must first purchase a Tenable.io license either directly from the Tenable Store or from an authorized reseller. The license provides an Activation Code to use when provisioning Tenable.io from your Microsoft Azure account.

1. To provision a Tenable Core Nessus (BYOL) instance, go to Microsoft Azure (https://manage.windowsazure.com) and log in.
2. Click the green + to open the Azure Marketplace.
3. Enter Tenable in the search box. The TenableCore Nessus (BYOL) instance appears.
4. Click TenableCore Nessus (BYOL) to open the instance details.
5. Choose an option under Select a deployment model.
6. Click Create to begin deployment of the TenableCore BYOL virtual machine.
7. Enter the configuration information on the Basics screen. Refer to the TenableCore Nessus BYOL Scanner Basics table for details.
8. Click OK.

TenableCore Nessus BYOL Scanner Basics

Option: Description
Name: Descriptive name for the Nessus BYOL scanner.
VM disk type: Select between SSD and HDD drives.
User name: User account name used to access the Nessus BYOL scanner.
Authentication type: Select SSH public key.
SSH public key: Once generated, enter the SSH public key.
Subscription: Select the subscription to which the virtual machine will be added.
Resource group: Enter the name of a new Resource group or select an existing Resource group.
Location: Select the geographical location for the virtual machine.

9. Once the Basics information is entered, instance sizes and pricing appear.
10. From the available options, click to choose the desired virtual machine size.
11. Click Select.
12. On the Settings screen, type the required information. Refer to the TenableCore Nessus BYOL Scanner Settings table for details.

TenableCore Nessus BYOL Scanner Settings

Option: Description
Storage accounts: Creates or selects a storage account type and selects Standard or Premium disk type.
Network: Creates or selects a virtual network where the Nessus BYOL resides.
Subnet: Assigns Nessus BYOL to a subnet in the virtual network.
Public IP Address: Creates a public IP address so that the Nessus BYOL virtual machine is accessible outside the virtual network.
Network security group: Enables firewall rules to control traffic to and from the Nessus BYOL virtual machine.
Extensions: Adds new features, like configuration management or anti-virus protection, to your virtual machine.
High availability: Provides redundancy by grouping two or more virtual machines in an availability set.
Monitoring: Enables system diagnostics and creates a diagnostics storage account to analyze the results.

13. Click OK. Offer details appear.
14. Review, then click Purchase to buy the TenableCore Nessus BYOL virtual machine you configured.
15. If you are deploying the instance into an Azure Virtual Network, you must ensure it can reach TCP port 8834 on an IP address associated with the instance.
16. Configure the instance and/or the Azure Virtual Network so the TenableCore Nessus (BYOL) can communicate with Tenable servers. This is required for registration and plugin updates.
    Note: If this is not possible, see the Offline Updates section in the Tenable Core User Guide.
    Note: Generally, you connect to the public IP address (or external hostname) associated with an instance. However, if you connect to Nessus using a VPN to the Azure Virtual Network, it may be a private IP address.
    Note: The IP addresses associated with an instance are found in the virtual machine Settings.
17. After the instance is initialized, open a browser and connect to the instance to complete the configuration.
    Tip: For example: https://<ip address or hostname>:8834
18. The welcome screen appears.

To complete the configuration, see the Tenable.io User Guide.

Note: Prior to scanning, you must request permission to conduct vulnerability and penetration testing on instances in the Microsoft Azure cloud environment. See the Penetration Testing Terms documentation to review the approval process and submit a testing request.
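Added example, not part of the Tenable guide: the steps above give the scanner a public IP address, a network security group, and a web interface on TCP port 8834, so a useful check is that no inbound rule opens that port to any source address. The sketch assumes the rules were exported as JSON with `az network nsg rule list`; the rule names and addresses in the sample are constructed.

```python
import json

NESSUS_PORT = 8834                           # Nessus web UI port named in the guide
ANY_SOURCE = {"*", "0.0.0.0/0", "internet"}  # prefixes that mean "any source"

# Constructed sample in the shape of `az network nsg rule list -o json` output.
SAMPLE_RULES = json.loads("""[
 {"name": "allow-ui-admin", "priority": 100, "direction": "Inbound", "access": "Allow",
  "protocol": "Tcp", "sourceAddressPrefix": "203.0.113.0/24", "sourceAddressPrefixes": [],
  "destinationPortRange": "8834", "destinationPortRanges": []},
 {"name": "allow-web-range", "priority": 200, "direction": "Inbound", "access": "Allow",
  "protocol": "Tcp", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [],
  "destinationPortRange": null, "destinationPortRanges": ["443", "8000-9000"]},
 {"name": "deny-all-inbound", "priority": 300, "direction": "Inbound", "access": "Deny",
  "protocol": "*", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [],
  "destinationPortRange": "*", "destinationPortRanges": []},
 {"name": "allow-ui-any", "priority": 400, "direction": "Inbound", "access": "Allow",
  "protocol": "Tcp", "sourceAddressPrefix": "Internet", "sourceAddressPrefixes": [],
  "destinationPortRange": "8834", "destinationPortRanges": []}
]""")

def _values(rule, single, plural):
    """Merge the singular and plural forms of an NSG rule field into one list."""
    return list(rule.get(plural) or []) + ([rule[single]] if rule.get(single) else [])

def covers_port(spec, port):
    """True if a port spec ('*', '8834' or '8000-9000') includes `port`."""
    if spec == "*":
        return True
    low, _, high = spec.partition("-")
    return int(low) <= port <= int(high or low)

def exposed_rules(rules, port=NESSUS_PORT):
    """Names of inbound Allow rules that open `port` to any source address."""
    hits = []
    for rule in sorted(rules, key=lambda r: r["priority"]):  # lowest number wins
        if rule["direction"].lower() != "inbound":
            continue
        if rule["protocol"].lower() not in ("tcp", "*"):
            continue
        ports = _values(rule, "destinationPortRange", "destinationPortRanges")
        sources = _values(rule, "sourceAddressPrefix", "sourceAddressPrefixes")
        if not any(covers_port(p, port) for p in ports):
            continue
        if not any(s.lower() in ANY_SOURCE for s in sources):
            continue
        if rule["access"].lower() == "deny":
            break  # an any-source Deny shadows every later Allow
        hits.append(rule["name"])
    return hits

if __name__ == "__main__":
    print(exposed_rules(SAMPLE_RULES))
```

In the sample, the port range rule at priority 200 is reported because 8000-9000 includes 8834, while the explicit any-source rule at priority 400 is not, since the Deny at priority 300 is evaluated first.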

Nessus Agent Scans of Microsoft Azure Cloud Virtual Machines

Tenable's Nessus Agents provide the ability to perform local scans on instances within the Microsoft Azure cloud environment. Nessus Agent scans, which are configured, managed, and updated through Tenable.io or Nessus Manager, help identify vulnerabilities, compliance violations, misconfigurations, and malware.

Nessus Agents are downloaded from the Tenable Support Portal, installed on an instance running in the Microsoft Azure cloud environment, and then linked to Tenable.io or Nessus Manager.

Note: Agents can be installed on your target(s) manually, via Group Policy, SCCM, or other third-party software deployment applications.

Nessus Agents are linked to Tenable.io or Nessus Manager in the same manner as linking to a secondary scanner. Prior to installing Nessus Agents, you must acquire the Agent Key from within Tenable.io or Nessus Manager.

1. To acquire the Agent Key, log in to Tenable.io or Nessus Manager.
2. Click Settings > Scanners > Agents > Linked.
3. A key is generated for the Nessus Agents to link to the scanner.

For more information on installing and configuring Nessus Agents, refer to the Nessus User Guide.

About Tenable

Tenable transforms security technology for the business needs of tomorrow through comprehensive solutions that provide continuous visibility and critical context, enabling decisive actions to protect your organization. Tenable eliminates blind spots, prioritizes threats, and reduces exposure and loss. With more than one million users and more than 20,000 enterprise customers worldwide, organizations trust Tenable for proven security innovation. Tenable's customers range from Fortune Global 500 companies, to the U.S. Department of Defense, to mid-sized and small businesses in all sectors, including finance, government, healthcare, higher education, retail, and energy. Transform security with Tenable, the creators of Nessus and leaders in continuous monitoring, by visiting tenable.com.