Tenable.sc-Tenable.io Upgrade Assistant Guide, Version 2.0. Last Revised: January 16, 2019

Similar documents
ForeScout Extended Module for Tenable Vulnerability Management

Tenable.io User Guide. Last Revised: November 03, 2017

How-to Guide: JIRA Plug-in for Tenable.io. Last Revised: January 29, 2019

How-to Guide: Tenable.io for Microsoft Azure. Last Updated: November 16, 2018

Tenable.io for Thycotic

How-to Guide: Tenable Nessus for Microsoft Azure. Last Updated: April 03, 2018

Tenable.io Evaluation Workflow. Last Revised: August 22, 2018

How-to Guide: Tenable Nessus for BeyondTrust. Last Revised: November 13, 2018

Forescout. eyeextend for Palo Alto Networks Wildfire. Configuration Guide. Version 2.2

How-to Guide: Tenable.io for Lieberman. Last Revised: August 14, 2018

How-to Guide: Tenable.io Plugin for JIRA. Last Revised: November 21, 2018

Tenable for Palo Alto Networks

Forescout. Configuration Guide. Version 4.2

ForeScout Extended Module for Qualys VM

ForeScout CounterACT. Configuration Guide. Version 5.0

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

Setting Up Resources in VMware Identity Manager (On Premises) Modified on 30 AUG 2017 VMware AirWatch 9.1.1

Tenable for ServiceNow. Last Updated: March 19, 2018

VMware Skyline Collector Installation and Configuration Guide. VMware Skyline Collector 2.0

NetBackup Collection Quick Start Guide

VMware Skyline Collector Installation and Configuration Guide. VMware Skyline 1.4

ForeScout CounterACT. Assessment Engine. Configuration Guide. Version 1.0

VMware Identity Manager Cloud Deployment. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager

Forescout. Plugin. Configuration Guide. Version 2.2.4

Using vrealize Operations Tenant App as a Service Provider

ForeScout CounterACT. Controller Plugin. Configuration Guide. Version 1.0

Nessus 7.0 User Guide. Last Updated: February 05, 2018

How-to Guide: Tenable for McAfee epolicy Orchestrator. Last Updated: April 03, 2018

Nessus Network Monitor 5.4 User Guide. Last Updated: February 20, 2018

Foundstone 7.0 Patch 6 Release Notes

VMware Identity Manager Cloud Deployment. Modified on 01 OCT 2017 VMware Identity Manager

Installing and Configuring vcloud Connector

Setting Up Resources in VMware Identity Manager (SaaS) Modified 15 SEP 2017 VMware Identity Manager

VMware Skyline Collector User Guide. VMware Skyline 1.4

ForeScout Extended Module for ServiceNow

vrealize Operations Management Pack for NSX for vsphere 3.0

How-to Guide: Tenable Applications for Splunk. Last Revised: August 21, 2018

Qualys Cloud Platform (VM, PC) v8.x Release Notes

OpenManage Integration for VMware vcenter Quick Install Guide for vsphere Client, Version 2.3.1

Deploying VMware Identity Manager in the DMZ. JULY 2018 VMware Identity Manager 3.2

Dell Wyse Management Suite. Version 1.0 Quick Start Guide

HPE Security ArcSight Connectors

ForeScout Extended Module for ServiceNow

Setting Up Resources in VMware Identity Manager. VMware Identity Manager 2.8

Qualys Cloud Suite 2.23

Forescout. eyeextend for IBM BigFix. Configuration Guide. Version 1.2

Edge Device Manager Quick Start Guide. Version R15

BMC FootPrints 12 Integration with Remote Support

Forescout. eyeextend for MobileIron. Configuration Guide. Version 1.9

Nessus 6.11 User Guide. Last Updated: June 13, 2018

Nessus Enterprise for Amazon Web Services (AWS) Installation and Configuration Guide

ForeScout Extended Module for MobileIron

Nessus 7.1 User Guide. Last Updated: July 12, 2018

Deploying VMware Identity Manager in the DMZ. SEPT 2018 VMware Identity Manager 3.3

VMware Identity Manager Connector Installation and Configuration (Legacy Mode)

ForeScout Extended Module for MaaS360

IBM Security QRadar. Vulnerability Assessment Configuration Guide. January 2019 IBM

Anchor User Guide. Presented by: Last Revised: August 07, 2017

SecurityCenter 5.5.x User Guide. Last Revised: June 19, 2018

SecurityCenter 5.1 Administration Guide. November 12, 2015 (Revision 2)

SecurityCenter 5.2 Guide

Ansible Tower Quick Setup Guide

Nessus 6.5 User Guide. Last Updated: June 04, 2018

ForeScout CounterACT. Configuration Guide. Version 4.3

Qualys Cloud Platform (VM, PC) v8.x Release Notes

VMware Content Gateway to Unified Access Gateway Migration Guide

ZENworks 11 Support Pack 4 Management Zone Settings Reference. October 2016

INSTALLATION GUIDE Spring 2017

NexentaStor VVOL

Forescout. eyeextend for ServiceNow. Configuration Guide. Version 2.0

Qualys Cloud Platform (VM, PC) v8.x Release Notes

Community Edition Getting Started Guide. July 25, 2018

Using the vrealize Orchestrator Chef Plug-In 1.0

Forescout. Configuration Guide. Version 4.4

VMware AirWatch Google Sync Integration Guide Securing Your Infrastructure

Configuring Your Mail Server, Time Zone, and Locale

Cloud Agent for Mac. Installation Guide. Agent Version December 22, 2017

Cisco TelePresence VCS Cluster Creation and Maintenance

VMware Horizon Cloud Service on Microsoft Azure Administration Guide

Setting Up Resources in VMware Identity Manager

NGFW Security Management Center

LiveNX 8.0 QUICK START GUIDE (QSG) LiveAction, Inc WEST BAYSHORE ROAD PALO ALTO, CA LIVEACTION, INC.

SafeConsole On-Prem Install Guide

Configuring Vulnerability Assessment Devices

OpenManage Integration for VMware vcenter Quick Install Guide for vsphere Client, Version 2.3

Tenable Appliance 4.8.x User Guide. Last Updated: December 12, 2018

Cloud Agent for Unix Installation Guide Agent Version 1.6. February 5, 2018

End User Manual. December 2014 V1.0

Forescout. Configuration Guide. Version 2.4

OpenManage Integration for VMware vcenter Quick Install Guide for vsphere Client Version 3.0

Forescout. eyeextend for Carbon Black. Configuration Guide. Version 1.1

DSS User Guide. End User Guide. - i -

Tenable for McAfee epolicy Orchestrator

System Setup. Accessing the Administration Interface CHAPTER

Host Identity Sources

Illumio Adaptive Security Platform Advanced Command-line Interface Tool Release Notes

Chime for Lync High Availability Setup

ForeScout CounterACT. Configuration Guide. Version 4.1

ForeScout Extended Module for HPE ArcSight

ForeScout Extended Module for VMware AirWatch MDM

Transcription:

Tenable.sc-Tenable.io Upgrade Assistant Guide, Version 2.0 Last Revised: January 16, 2019

Table of Contents Welcome to the Tenable.sc-Tenable.io Upgrade Assistant 3 Get Started 4 Environment Requirements 5 Upgrade Assistant FAQs 6 Upgraded Data and Post-Upgrade Action Items 8 Resources (Nessus Scanner, Nessus Agent, and NNM Connections) 9 Repositories 10 Scan Configurations 11 Active Scan Objects 12 Assets 13 Audit Files 15 Scan Policies 16 Credentials 17 Scan Zones 18 Organizations and Groups 19 User Accounts 20 Dashboards and Reports 22 The Upgrade 23 Download the Upgrade Assistant 24 Run the Upgrade Assistant via the User Interface 25 Run the Upgrade Assistant via the CLI 28 registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.

Welcome to the Tenable.sc-Tenable.io Upgrade Assistant Tip: Tenable is currently rebranding SecurityCenter as Tenable.sc. For more information, see the announcement. You can use version 2.0 of the upgrade assistant to move limited data from a Tenable.sc deployment to a Tenable.io deployment. To quickly get started, see Get Started. Note: Tenable does not require you to use the Tenable.sc-Tenable.io Upgrade Assistant. You may want to immediately begin using Tenable.io without upgrading your Tenable.sc data. For assistance deciding if the upgrade assistant is right for you, contact Tenable Support. To submit documentation feedback or get assistance with the product, contact Support at support@tenable.com or through https://support.tenable.com/. - 3 -

Get Started Use the following sequence to configure and run the Tenable.sc-Tenable.io Upgrade Assistant. Before Upgrade Confirm that version 2.0 of the upgrade assistant suits your environment. Review the data upgraded by version 2.0 of the upgrade assistant. Review the frequently asked questions for the upgrade assistant. Upgrade Perform the upgrade via the user interface or CLI. After Upgrade Resolve any outstanding post-upgrade action items. Learn more about Tenable.io, as described in the Tenable.io User Guide. Note: Tenable is introducing a new Tenable.io interface in a rolling fashion. Some features can be configured in both the classic interface and the new interface. For more information, see Navigate the New Tenable.io Interface and Navigate the Classic Tenable.io Interface. - 4 -

Environment Requirements You must meet the following environment requirements in order to perform the upgrade. To confirm the upgrade assistant is suited for your needs, review the limitations of the upgrade assistant described in Upgraded Data and Post-Upgrade Action Items. Machine Requirements Run the upgrade assistant from a local machine that meets the following requirements: The machine has HTTPS access to Tenable.sc and the Tenable.io cloud. The machine is running version 8 or later of Oracle Java or Open JDK. The Oracle Java or Open JDK executable is accessible from the terminal window where you are running the upgrade assistant. The machine has HTTPS access to an email server to distribute credentials for Tenable.io user accounts. Tenable.sc Requirements You can use the upgrade assistant to upgrade data from Tenable.scs running Version 5.6.0 or later. Note: You may experience issues when upgrading Tenable.sc deployments licensed to scan more than 5000 IP addresses. Version 2.0 of the upgrade assistant is most effective for small-scale Tenable.sc deployments. Tenable.io Requirements You can use the upgrade assistant to upgrade data to an instance of Tenable.io Vulnerability Management. You cannot use the upgrade assistant to upgrade data to Tenable.io on-prem. (Optional) Proxy Requirements The upgrade assistant supports a single proxy without authentication to communicate with both Tenable.sc and Tenable.io. - 5 -

Upgrade Assistant FAQs Consider the following frequently asked questions when planning your upgrade. Is the upgrade assistant supported for my environment? For more information about local machine, Tenable.sc, and Tenable.io requirements, see Environment Requirements. Will the upgrade assistant upgrade all of my Tenable.sc data? No. For more information about upgrade limitations, see Upgraded Data and Post-Upgrade Action Items. Do I need to back up my Tenable.sc before performing the upgrade? Tenable recommends backing up your Tenable.sc regularly as a deployment best practice, but the upgrade assistant does not remove any data from Tenable.sc. Your Tenable.sc deployment continues running as configured. Can I run the upgrade assistant more than once? Yes. If you run the tool several times with the same Tenable.io instance, old Tenable.io scan results, user accounts, and data are preserved. Uniquely named Tenable.sc scan results, user accounts, and data from the new upgrades are added to Tenable.io. For more specific information about how the upgrade assistant handles conflicts, see Upgraded Data and Post-Upgrade Action Items. Should I run the upgrade assistant via the user interface or via the CLI? The user interface is a streamlined, guided method to configure and run the upgrade assistant. Experienced users may prefer the CLI method. Is there Tenable.sc or Tenable.io performance impact during the upgrade? No. How long does it take to run the upgrade assistant? Upgrade time varies depending on the number and complexity of your scan policies and scan results. - 6 -

Can I exclude Tenable.sc data from upgrade? Yes. When configuring upgrade assistant settings, you can select the Migrate all data except scan results and/or Migrate scan results to indicate the data you want to upgrade. Selecting Migrate all data except scan results but not Migrate scan results excludes scan results from the upgrade and shortens your upgrade time. How do I perform post-upgrade action items in Tenable.io? For more information about required post-upgrade action items, see Upgraded Data and Post- Upgrade Action Items. For more information about configuring Tenable.io features, see the Tenable.io User Guide. - 7 -

Upgraded Data and Post-Upgrade Action Items The Tenable.sc-Tenable.io Upgrade Assistant 2.0 cannot upgrade all Tenable.sc data, and most of the data upgraded by the upgrade assistant requires some post-upgrade configuration in Tenable.io. For information about data conversion, merge conflicts, and required post-upgrade action items, see: Resources (Nessus Scanner, Nessus Agent, and NNM Connections) Repositories Scan Configurations Active Scan Objects Organizations and Groups User Accounts Dashboards and Reports - 8 -

Resources (Nessus Scanner, Nessus Agent, and NNM Connections) The Tenable.sc-Tenable.io Upgrade Assistant does not migrate your Tenable.sc resources: Nessus scanner, Nessus Agent, or NNM connections. Post-Upgrade Action Items Link your scanners: To unlink existing Nessus scanners running version 7.1.2 or later from Tenable.sc, toggle off the remote link connection. Then, link the Nessus scanner to Tenable.io. For more information, see Remote Link in the Nessus User Guide. To unlink existing Nessus scanners running version 7.1.1 or earlier from Tenable.sc, see the documentation for --reset-all in Reset Registration and Erase Settings in the Nessus Command Line Reference. Then, link the Nessus scanner to Tenable.io via the command line. To unlink existing Nessus agents from Nessus Manager and link them to Tenable.io, see the documentation for # nessuscli agent unlink and # nessuscli agent link in Nessuscli Agent in the Nessus User Guide. To link NNM, see Set Up NNM in the Nessus Network Monitor User Guide. For general assistance, or for assistance linking Nessus scanners installed on the Tenable Appliance, contact Tenable Support. - 9 -

Repositories Tenable.sc repositories do not have equivalent functionality in Tenable.io. Post-Upgrade Action Items None. Future scan results appear on the Scan Results page. For information about migrated scan results, see Scan Results. - 10 -

Scan Configurations During Upgrade Tenable.sc scan configurations migrate to scan configurations in Tenable.io. Post-Upgrade Action Items Review your scan configurations in the My Scans folder in Tenable.io. For more information, see Scans in the Tenable.io Vulnerability Management User Guide. - 11 -

Active Scan Objects For information about data conversion, merge conflicts, and required post-upgrade action items of active scan objects, see: Assets Audit Files Scan Policies Credentials Scan Zones - 12 -

Assets During Upgrade The Tenable.sc-Tenable.io Upgrade Assistant does not migrate your combination assets, name list assets, query assets, or watchlist assets. The upgrade assistant migrates static assets to target groups in Tenable.io. Note: If the upgrade assistant migrates a static asset but a target group with that name already exists in Tenable.io, the upgrade assistant merges the old host list with the new host list. The upgrade assistant migrates dynamic assets to dynamic asset tags in Tenable.io, when possible. The upgrade assistant cannot migrate the following Tenable.sc dynamic asset rule types to Tenable.io: Days Since Discovery, Days Since Observation, Exploit Available, Exploit Frameworks, NetBIOS Workgroup, Plugin ID, Plugin Text, Port, Severity, SSHV1 Fingerprint, SSH V2 Fingerprint, TCP Port, UDP Port, and XRef. The upgrade assistant migrates other Tenable.sc dynamic asset rule types as described in the following table. Tenable.sc Dynamic Asset Rule Type Operating System Tenable.io Dynamic Asset Tag Rule Type Operating System Note: The upgrade assistant cannot migrate Operating System rules with Posix regex or Perl compatible regex as the operator. DNS FQDN Note: The upgrade assistant cannot migrate DNS rules with Posix regex or Perl compatible regex as the operator. IP Address IPv4 Address Note: The upgrade assistant cannot migrate IP Address rules with not equal to as the operator. - 13 -

Tenable.sc Dynamic Asset Rule Type MAC Tenable.io Dynamic Asset Tag Rule Type MAC Address Note: The upgrade assistant cannot migrate MAC rules with contains the pattern, Posix regex, or Perl compatible regex as the operator. NetBIOS Host NetBIOS Name Note: The upgrade assistant cannot migrate NetBIOS Host rules with Posix regex or Perl compatible regex as the operator. Note: If the upgrade assistant migrates a dynamic asset but an asset tag with that name already exists in Tenable.io, the upgrade assistant attempts to merge the new asset tag's rules with the existing tag rules: If there is a conflict between the new tag operator and the existing tag operator, the upgrade assistant aborts the merge attempt. If there is a conflict between the new tag rule and the existing tag rule, the upgrade assistant aborts the merge attempt. If the new tag rule does not conflict with any existing tag rules, the upgrade assistant adds the new rule to the dynamic asset tag. Post-Upgrade Action Items Review your target groups and dynamic asset tags in Tenable.io and create any dynamic asset tags that the upgrade assistant could not migrate. For more information, see About Target Groups and Tags in the Tenable.io Vulnerability Management User Guide. - 14 -

Audit Files During Upgrade Tenable.sc audit files migrate to compliance checks in Tenable.io. Note: The upgrade assistant cannot migrate scan credentials associated with audit files. For more information, see Credentials. Post-Upgrade Action Items Create a scan or scan policy from an auditing template in Tenable.io. When configuring the scan or scan policy, on the Compliance tab, select your custom audit file. For more information, see Compliance in the Tenable.io Vulnerability Management User Guide. - 15 -

Scan Policies During Upgrade Tenable.sc scan policies migrate to scan policies in Tenable.io. Note: The upgrade assistant cannot upgrade passwords or files (Client Certificates, CA Certificates, or Client Keys) uploaded while configuring scan policy authentication settings. If scan policies already exist on Tenable.io, the upgrade assistant migrates only the Tenable.sc scan policies with names that do not already exist on Tenable.io. Post-Upgrade Action Items Configure scan policies in Tenable.io: Replace default scan policy authentication settings passwords with the correct passwords. Upload all necessary scan policy authentication User Certificates and Private Keys. For more information, see About Policies in the Tenable.io Vulnerability Management User Guide. - 16 -

Credentials During Upgrade Tenable.sc credentials migrate to credentials in Tenable.io. The upgrade assistant enables the Tenable.io HTTPS credentials option by default. The upgrade assistant inserts a default value when it cannot find an equivalent Tenable.sc option for a Tenable.io option. Note: The upgrade assistant cannot migrate passwords or files (User Certificates or Private Keys) uploaded while configuring scan credentials. Note: The upgrade assistant cannot migrate Informix or DRDA credentials. Tenable.io does not support Informix or DRDA credentials. Post-Upgrade Action Items Configure credentials in Tenable.io: Replace default scan credential passwords with the correct scan credential passwords. Replace default scan credential values with the correct scan credential values. Upload all necessary scan credential User Certificates and Private Keys. If necessary, disable the HTTPS scan credential option. For more information, see Credentials in the Tenable.io Vulnerability Management User Guide. - 17 -

Scan Zones During Upgrade A single Tenable.sc scan zone migrates to one scanner group and one target group in Tenable.io: The scanner group inherits the name of the scan zone. The target group inherits the name of the scan zone and the list of hosts from the scan zone. Note: If the upgrade assistant migrates a scan zone but a scanner group or target group with that name already exists in Tenable.io, the upgrade assistant handling depends on the group type: scanner group the upgrade assistant does not create a scanner group. target group the upgrade assistant merges the old target group with the new target group. Post-Upgrade Action Items Review your target group configurations in Tenable.io. For more information, see About Target Groups in the Tenable.io Vulnerability Management User Guide. After you link scanners to Tenable.io, add one or more scanners to each scanner group. For more information, see About Scanner Groups in the Tenable.io Vulnerability Management User Guide. - 18 -

Organizations and Groups During Upgrade Tenable.sc organizations and groups migrate to groups in Tenable.io. Post-Upgrade Action Items Review your groups in Tenable.io. For more information, see Groups in the Tenable.io Vulnerability Management User Guide. - 19 -

User Accounts During Upgrade Tenable.sc user accounts migrate to user accounts in Tenable.io. Note: The upgrade assistant cannot migrate user accounts without associated email addresses. User Account Privileges Tenable.sc user account privileges convert to Tenable.io privileges as described in the following table. Tenable.sc Role Administrator Security Manager Credential Manager Security Analyst Vulnerability Analyst Auditor Executive No Role Custom (Custom user role or customized Tenable-provided user role) Tenable.io Role Administrator Administrator Administrator Standard Standard Basic Basic Basic Basic Note: Tenable.io does not support custom user roles. Post-Upgrade Action Items Confirm that eligible Tenable.sc users received login credentials for Tenable.io. Note: Tenable.sc users without associated email addresses do not migrate to Tenable.io. You must recreate the user account in Tenable.io. - 20 -

For more information, see Users in the Tenable.io Vulnerability Management User Guide. - 21 -

Dashboards and Reports The Tenable.sc-Tenable.io Upgrade Assistant does not migrate your dashboards or reports. Post-Upgrade Action Items Recreate your reports. For more information, see Reports in the Tenable.io Vulnerability Management User Guide. Recreate your dashboards. For more information, see Dashboards in the Tenable.io Vulnerability Management User Guide. - 22 -

The Upgrade After you download the upgrade assistant, run the upgrade assistant via the user interface or CLI. The user interface is a streamlined, guided method to configure and run the upgrade assistant. Experienced users may prefer the CLI experience. After you finish the upgrade, complete the post-upgrade action items. - 23 -

Download the Upgrade Assistant Tenable recommends downloading the latest version of the upgrade assistant to take advantage of recent fixes and supported functionality. Before you begin: If you already have an outdated version of the upgrade assistant downloaded, delete the outdated.jar file from your directory. To download the latest version of the upgrade assistant: 1. Download the Tenable_sc_io_upgrade_assistant_2.0.jar file to a directory where the java executable is accessible. 2. Confirm that the Tenable_sc_io_upgrade_assistant_2.0.jar file has write access to the directory. What to do next: Run the upgrade assistant, as described in Run the Upgrade Assistant via the User Interface or Run the Upgrade Assistant via the CLI. - 24 -

Run the Upgrade Assistant via the User Interface Before you begin: Understand and prepare for the upgrade, as described in Get Started. In Tenable.io, generate API keys to use during the upgrade. For more information, see the Tenable.io Vulnerability Management User Guide. Download the latest version of the upgrade assistant, as described in Download the Upgrade Assistant. To run the upgrade assistant via the user interface: 1. In the directory where you downloaded the upgrade assistant, double-click on the Tenable_ sc_io_upgrade_assistant_2.0.jar file to launch the user interface. The upgrade assistant user interface appears. 2. In the Temporary Directory section, click Browse and select the location where you want the upgrade assistant to temporarily store upgrade files. 3. On the SecurityCenter tab, configure the Tenable.sc connection options: a. In the SecurityCenter FQDN box, type the fully qualified domain name (FQDN) or IP address for Tenable.sc. b. In the SecurityCenter Security Manager Username and SecurityCenter Security Manager Password boxes, type the credentials for a security manager account on Tenable.sc. c. In the SecurityCenter Administrator Username and SecurityCenter Administrator Password boxes, type the credentials for an administrator account on Tenable.sc. 4. On the Tenable.io tab, configure the Tenable.io connection options: a. In the Tenable.io FQDN box, view the default: cloud.tenable.com. b. In the Tenable.io API Access Key and Tenable.io API Secret Key boxes, type the API keys generated by Tenable.io. - 25 -

5. (Optional) If you want to use the upgrade assistant to migrate user accounts, on the Email Service tab, configure the email server options for distributing Tenable.io credentials: a. In the Host URL box, type the FQDN or IP address for the email server you want to use to distribute Tenable.io account credentials to Tenable.sc users. b. In the Port box, type the port for the email server. c. In the Host User and Host Password boxes, type the credentials for an account on the email server. d. In the Sender Email box, type the email address you want the email server to use when distributing Tenable.io account credentials to Tenable.sc users. 6. (Optional) If you want to use a proxy to communicate with both Tenable.sc and Tenable.io, on the Proxy tab, configure the options for your proxy server: a. In the Proxy Host box, type the FQDN or IP address for the proxy server. b. In the Proxy Port box, type the port for the proxy server. 7. In the Items to Upgrade section, identify the items that you want to upgrade: Select Upgrade all data except scan results to upgrade all supported items except scan result data. Select Upgrade scan results to upgrade scan result data. Select both check boxes to upgrade all supported items. 8. (Optional) If you selected Upgrade scan results, type a Max Scan Result Age to indicate how many days of scan result data you want to upgrade. 9. Click Start Upgrade. The upgrade begins. 10. Monitor the progress of the upgrade on the Upgrade Progress tab. Note: After the upgrade assistant completes, you can find a copy of the upgrade progress log in your local directory: Tenable_sc_io_upgrade_assistant.log. The upgrade completes. 11. Review the post-upgrade action items noted on the Post-Upgrade Action Items tab. - 26 -

Note: You can find a copy of the action items log in your local directory: Tenable_sc_io_ action_items.log. What to do next: Log in to Tenable.io and resolve your post-upgrade action items, as described in Upgraded Data and Post-Upgrade Action Items. If you configured the upgrade assistant to migrate user accounts, instruct migrated users to check their email and retrieve their Tenable.io login credentials. Learn more about Tenable.io using the Tenable.io User Guide. - 27 -

Run the Upgrade Assistant via the CLI Before you begin: Understand and prepare for the upgrade, as described in Get Started. In Tenable.io, generate API keys to use during the upgrade. For more information, see the Tenable.io Vulnerability Management User Guide. Download the latest version of the upgrade assistant, as described in Download the Upgrade Assistant. To run the upgrade assistant via the CLI: 1. Open a command line terminal window as admin or root user. 2. Run the following command, where variable represents custom parameter values defined below: java -jar Tenable_sc_io_upgrade_assistant_2.0.jar nogui SCAdministratorUsername=variable SCAdministratorPassword=variable SCSecurityManagerUsername=variable SCSecurityManagerPassword=variable SCHost=variable IOHost=variable TenableIOAccessKey=variable TenableIOSecretKey=variable MigrateAllDataExceptScanResults=variable: true or false MigrateScanResults=variable: true or false MaxScanResultAge=variable TemporaryDirectory=variable EmailHost=variable EmailPort=variable EmailUser=variable EmailPassword=variable EmailSender=variable ProxyHost=variable ProxyPort=variable Parameter SCAdministratorUsername SCAdministratorPassword SCSecurityManagerUsername Variable Description The username for an administrator account on Tenable.sc. The password for an administrator account on Tenable.sc. The username for a security manager account on Ten- - 28 -

Parameter Variable Description able.sc. SCSecurityManagerPassword SCHost IOHost TenableIOAccessKey TenableIOSecretKey MigrateAllDataExceptScanResults MigrateScanResults MaxScanResultAge The password for a security manager account on Tenable.sc. The fully qualified domain name (FQDN) or IP address for Tenable.sc. (Optional) The Tenable.io FQDN. If you omit this parameter from the command, cloud.tenable.com is used as the default. The API access key generated by Tenable.io. The API secret key generated by Tenable.io. Set to true if you want to upgrade all supported items except scan result data. If you omit this parameter from the command, true is used as the default. Set to true if you want to upgrade scan result data. If you omit this parameter from the command, false is used as the default. The number of days of scan result data that you want to upgrade. If you set MigrateScanResults to false, omit this parameter. If you set MigrateScanResults to true and you omit this parameter from the command, 90 is used as the default. TemporaryDirectory (Optional) The temporary directory where you want the upgrade assistant to temporarily store upgrade files. If you omit this option from the command, the OS /tmp folder is used as the default. EmailHost The FQDN or IP address for the email server you want to - 29 -

Parameter Variable Description use to distribute Tenable.io account credentials to Tenable.sc users. EmailPort EmailUser EmailPassword EmailSender ProxyHost ProxyPort The port for the email server. The username for an account on the email server. The password for an account on the email server. The email address you want the email server to use when distributing Tenable.io account credentials to Tenable.sc users. The FQDN or IP address for the proxy server you want the upgrade assistant to use when connecting to Tenable.sc and Tenable.io. The port for the proxy server you want the upgrade assistant to use when connecting to Tenable.sc and Tenable.io. The upgrade begins. 3. Monitor the progress of the upgrade in the terminal window, or by opening the Tenable_sc_ io_upgrade_assistant.log file. The upgrade completes. 4. Open the Tenable_sc_io_action_items.log file and review the post-upgrade action items. What to do next: Log in to Tenable.io and resolve your post-upgrade action items, as described in Upgraded Data and Post-Upgrade Action Items. If you configured the upgrade assistant to migrate user accounts, instruct migrated users to check their email and retrieve their Tenable.io login credentials. Learn more about Tenable.io using the Tenable.io User Guide. - 30 -

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback