Tenable Core for Nessus User Guide. Last Updated: May 11, 2018

Similar documents
Tenable Appliance 4.8.x User Guide. Last Updated: December 12, 2018

Tenable.sc-Tenable.io Upgrade Assistant Guide, Version 2.0. Last Revised: January 16, 2019

HySecure Quick Start Guide. HySecure 5.0

PVS 5.1 User Guide. Last Updated: October 10, 2016

CA Agile Central Administrator Guide. CA Agile Central On-Premises

ForeScout Extended Module for Tenable Vulnerability Management

Overview of the Cisco NCS Command-Line Interface

Nessus Network Monitor 5.4 User Guide. Last Updated: February 20, 2018

Upgrading from TrafficShield 3.2.X to Application Security Module 9.2.3

PVS 4.4 User Guide. Revision April, 2016

KACE Systems Deployment Appliance 5.0. Administrator Guide

vcenter Server Appliance Configuration Update 1 Modified on 04 OCT 2017 VMware vsphere 6.5 VMware ESXi 6.5 vcenter Server 6.5

Installing or Upgrading ANM Virtual Appliance

How-to Guide: Tenable.io for Microsoft Azure. Last Updated: November 16, 2018

Installing and Configuring vcloud Connector

VMware AirWatch Product Provisioning and Staging for Windows Rugged Guide Using Product Provisioning for managing Windows Rugged devices.

FileCruiser. Administrator Portal Guide

IPMI Configuration Guide

Reset the Admin Password with the ExtraHop Rescue CD

dctrack Quick Setup Guide (Recommended) Obtain a dctrack Support Website Username and Password

CA Agile Central Installation Guide On-Premises release

Redhat OpenStack 5.0 and PLUMgrid OpenStack Networking Suite 2.0 Installation Hands-on lab guide

Runecast Analyzer User Guide

Dell Storage Integration Tools for VMware

dctrack Quick Setup Guide Virtual Machine Requirements Requirements Requirements Preparing to Install dctrack

Tenable Appliance 4.6 User Guide. Last Updated: January 12, 2018

KACE Systems Deployment Appliance (K2000) 4.1. Administrator Guide

Installing and Configuring vcenter Support Assistant

Post-Installation and Maintenance Tasks

UDP Director Virtual Edition

VMware Identity Manager Connector Installation and Configuration (Legacy Mode)

SmartPath EMS VMA Virtual Appliance Quick Start Guide

Dell Storage Compellent Integration Tools for VMware

Transport Gateway Installation / Registration / Configuration

Device Manager. Managing Devices CHAPTER

Deploy the ExtraHop Discover Appliance with VMware

Amigopod Release Notes. Updating to Amigopod Document Overview. Overview of the Update Process. Verify the System s Memory Limit

ForeScout CounterACT. Single CounterACT Appliance. Quick Installation Guide. Version 8.0

Tenable Appliance User Guide. Last Updated: 16 September, 2016

ISO Installation Guide. Version 1.2 December 2015

IBM Spectrum Protect Plus Version Installation and User's Guide IBM

UDP Director Virtual Edition Installation and Configuration Guide (for Stealthwatch System v6.9.0)

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

Ansible Tower Quick Setup Guide

vcenter CapacityIQ Installation Guide

How to Use This Lab Manual

Tenable Appliance 4.1 User Guide. Last Updated: 01 June, 2016

Host Identity Sources

Installing Cisco MSE in a VMware Virtual Machine

KYOCERA Net Admin User Guide

ElasterStack 3.2 User Administration Guide - Advanced Zone

Okta Integration Guide for Web Access Management with F5 BIG-IP

Installing the Operating System or Hypervisor

This option lets you reset the password that you use to log in if you do not remember it. To change the password,

Monitoring WAAS Using WAAS Central Manager. Monitoring WAAS Network Health. Using the WAAS Dashboard CHAPTER

Web Self Service Administrator Guide. Version 1.1.2

Tanium Appliance Installation Guide

Overview. ACE Appliance Device Manager Overview CHAPTER

This option lets you reset the password that you use to log in if you do not remember it. To change the password,

Offline Scanner Appliance

SOURCEFIRE 3D SYSTEM RELEASE NOTES

Installing and Upgrading Cisco Network Registrar Virtual Appliance

Epson Device Admin User s Guide NPD EN

Viewing System Status, page 404. Backing Up and Restoring a Configuration, page 416. Managing Certificates for Authentication, page 418

Dell Storage Compellent Integration Tools for VMware

Google Search Appliance

SafeConsole On-Prem Install Guide

VMware AirWatch Content Gateway Guide for Linux For Linux

Transport Gateway Installation / Registration / Configuration

vcenter Server Appliance Configuration Modified on 17 APR 2018 VMware vsphere 6.7 VMware ESXi 6.7 vcenter Server 6.7

Plexxi HCN Plexxi Connect Installation, Upgrade and Administration Guide Release 3.0.0

Smart Install in LMS CHAPTER

Tenable Appliance 4.1 User Guide. Last Updated: 07 February, 2017

Using ANM With Virtual Data Centers

VMware AirWatch Content Gateway for Linux. VMware Workspace ONE UEM 1811 Unified Access Gateway

Contents. Limitations. Prerequisites. Configuration

SOURCEFIRE 3D SYSTEM RELEASE NOTES

Administrator Guide. Find out how to set up and use MyKerio to centralize and unify your Kerio software administration.

Gnostice StarDocs On-Premises API Virtual Appliance

Easy Setup Guide. Cisco FindIT Network Probe. You can easily set up your FindIT Network Probe in this step-by-step guide.

Tenable for Palo Alto Networks

1. Press "Speed Test" to find out your actual uplink and downlink speed.

Product Version 1.1 Document Version 1.0-A

VMware vrealize Log Insight Getting Started Guide

NexentaStor VVOL

CounterACT 7.0. Quick Installation Guide for a Single Virtual CounterACT Appliance

HiveManager Virtual Appliance QuickStart

Cisco ACI vcenter Plugin

akkadian Provisioning Manager Express


Installing the Cisco Unified MeetingPlace Web Server Software

Comodo Dome Firewall Central Manager Software Version 1.2

Active System Manager Version 8.0 User s Guide

Installing the Cisco CSR 1000v in VMware ESXi Environments

HyTrust Appliance Installation Guide

Edge Device Manager Quick Start Guide. Version R15

Active Fabric Manager for Microsoft Cloud Platform System Installation Guide for AFM-CPS 2.2(0.0)

CloudLink SecureVM. Administration Guide. Version 4.0 P/N REV 01

VMware Identity Manager Cloud Deployment. Modified on 01 OCT 2017 VMware Identity Manager

VMware Identity Manager Cloud Deployment. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager

Transcription:

Tenable Core for Nessus User Guide Last Updated: May 11, 2018

Table of Contents Welcome to Tenable Core for Nessus 5 Nessus Virtual Image Installation 10 Nessus Hardware Requirements 11 Installation 12 Online ISO Installation 13 Install OVA 14 Create a New Account 15 Create User 18 Edit User 19 Change Password 20 Nessus Configuration 21 Manual Setup 24 Configure Static IP Addresses 25 System Layout 27 Dashboard 28 Add Server 29 Edit Server 31 Delete Server 33 System 34 Edit Machine Host Name 35 Edit Time and Time Zone 36 Restart 37 Copyright 2018. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.

Shutdown 38 Change Performance Profile 39 System Log 40 Filters 41 Networking 42 Add Bond 43 Add Team 45 Add Bridge 46 Add VLAN 47 Storage 48 Rename File System 49 Delete File System 50 Accounts 51 Services 52 Targets 53 System Services 54 Sockets 55 Timers 56 Create Timer 57 Paths 58 Diagnostic Reports 59 Generate Report 60 Nessus 61 Terminal 66 Copyright 2018. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.

Update Management 67 Timer Configuration Line 69 Offline Updates 70 Software Updates 71 Copyright 2018. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.

Welcome to Tenable Core for Nessus The Tenable Virtual Appliance is now known as Tenable Core. The reason for this change is the implementation of a new base operating system. This new model streamlines and simplifies deployment by creating a build for each Tenable on-premises application. Tenable Core is a deployment architecture that shortens time to first scan using a secure and stable platform. Features Built upon CentOS 7 and hardened by targeting the CIS standards for RedHat 7 with SELinux Enabled. Provides automatic install and updates via Tenable Public Repositories. Consists of Tenable Core and a Tenable Application. These are independent of one other. The following builds are currently available. Consists of Tenable Core and a Tenable Application. These are independent of one other. The following builds are currently available. Tenable Core + Web Application Scanning Tenable Core + Nessus Tenable Core + Nessus Network Monitor Root access is now enabled to Tenable Core builds Root access is now enabled to Tenable Core builds See the following list for additional information about CIS standards adopted: SELinux: SELinux is enabled by default on this image CIS Benchmarks: Tenable has implemented the following parts of the CIS Level 1 Benchmark on the Tenable Core: CIS Level 1-1.x CIS 1.1.1.* (Disable mounting of miscellaneous filesystems) CIS 1.1.21 (Ensure sticky bit is set on all world-writable directories) Copyright 2018. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.

CIS 1.4.* (Bootloader adjustments) CIS 1.4.1 Ensure permissions on bootloader config are configured CIS 1.4.2 Ensure bootloader password is set - set superusers CIS 1.7.1.* (Messaging/banners) Ensure message of the day is configured properly Ensure local login warning banner is configured properly Ensure remote login warning banner is configured properly Ensure GDM login banner is configured - banner message enabled Ensure GDM login banner is configured - banner message text CIS Level 1-2.x CIS 2.2.* (disabled packages) x11 avahi-server CUPS nfs Rpc CIS level 1-3.x CIS 3.1.* (packet redirects) 3.1.2 Ensure packet redirect sending is disabled - 'net.ipv4.conf.all.send_redirects = 0' 3.1.2 Ensure packet redirect sending is disabled - 'net.ipv4.conf.default.send_redirects = 0' CIS 3.2.* (ipv4, icmp, etc) 3.2.1 Ensure source routed packets are not accepted - 'net.ipv4.conf.all.accept_ source_route = 0' 3.2.1 Ensure source routed packets are not accepted - 'net.ipv4.conf.default.accept_ source_route = 0' 3.2.2 Ensure ICMP redirects are not accepted - 'net.ipv4.conf.all.accept_redirects = 0' Copyright 2018. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.

3.2.2 Ensure ICMP redirects are not accepted - 'net.ipv4.conf.default.accept_redirects = 0' 3.2.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.all.secure_redirects = 0' 3.2.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.default.secure_ redirects = 0' 3.2.4 Ensure suspicious packets are logged - 'net.ipv4.conf.all.log_martians = 1' 3.2.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1' 3.2.5 Ensure broadcast ICMP requests are ignored 3.2.6 Ensure bogus ICMP responses are ignored 3.2.7 Ensure Reverse Path Filtering is enabled - 'net.ipv4.conf.all.rp_filter = 1' 3.2.7 Ensure Reverse Path Filtering is enabled - 'net.ipv4.conf.default.rp_filter = 1' 3.2.8 Ensure TCP SYN Cookies is enabled CIS 3.3.* (IPv6) 3.3.1 Ensure IPv6 router advertisements are not accepted 3.3.2 Ensure IPv6 redirects are not accepted CIS 3.4.* (tcp) 3.4.1 Ensure TCP Wrappers is installed CIS 3.5.* (network protocols) 3.5.1 Ensure DCCP is disabled 3.5.2 Ensure SCTP is disabled 3.5.3 Ensure RDS is disabled 3.5.4 Ensure TIPC is disabled CIS Level 1-4.x CIS 4.2.* (rsyslog) 4.2.1.3 Ensure rsyslog default file permissions configured 4.2.1.4 Ensure rsyslog is configured to send logs to a remote log host Copyright 2018. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.

Note: 4.2.1.4 requires knowing the address of the central log host, thus not easily done in the kickstart. 4.2.4 Ensure permissions on all logfiles are configured CIS Level 1-5.x CIS 5.1.* (cron permissions) 5.1.2 Ensure permissions on /etc/crontab are configured 5.1.3 Ensure permissions on /etc/cron.hourly are configured 5.1.4 Ensure permissions on /etc/cron.daily are configured 5.1.5 Ensure permissions on /etc/cron.weekly are configured 5.1.6 Ensure permissions on /etc/cron.monthly are configured 5.1.7 Ensure permissions on /etc/cron.d are configured 5.1.8 Ensure at/cron is restricted to authorized users - at.allow 5.1.8 Ensure at/cron is restricted to authorized users - at.deny 5.1.8 Ensure at/cron is restricted to authorized users - cron.allow 5.1.8 Ensure at/cron is restricted to authorized users - cron.deny CIS 5.2.11 (Turn off Weak Ciphers for SSH) CIS 5.3.* (password/pam) 5.3.1 Ensure password creation requirements are configured - dcredit 5.3.1 Ensure password creation requirements are configured - lcredit 5.3.1 Ensure password creation requirements are configured - minlen 5.3.1 Ensure password creation requirements are configured - ocredit 5.3.1 Ensure password creation requirements are configured - ucredit 5.3.2 Lockout for failed password attempts - password-auth 'auth [default=die] pam_ faillock.so authfail audit deny=5 unlock_time=900' 5.3.2 Lockout for failed password attempts - password-auth 'auth [success=1 defaultt=bad] pam_unix.so' Copyright 2018. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.

5.3.2 Lockout for failed password attempts - password-auth 'auth required pam_faillock.so preauth audit silent deny=5 unlock_time=900' 5.3.2 Lockout for failed password attempts - password-auth 'auth sufficient pam_faillock.so authsucc audit deny=5 unlock_time=900' 5.3.2 Lockout for failed password attempts - system-auth 'auth [default=die] pam_ faillock.so authfail audit deny=5 unlock_time=900' 5.3.2 Lockout for failed password attempts - system-auth 'auth [success=1 defaultt=bad] pam_unix.so' 5.3.2 Lockout for failed password attempts - system-auth 'auth required pam_faillock.so preauth audit silent deny=5 unlock_time=900' 5.3.2 Lockout for failed password attempts - system-auth 'auth sufficient pam_faillock.so authsucc audit deny=5 unlock_time=900' 5.3.3 Ensure password reuse is limited - password-auth 5.3.3 Ensure password reuse is limited - system-auth CIS 5.4.* (user prefs) 5.4.1.2 Ensure minimum days between password changes is 7 or more 5.4.1.4 Ensure inactive password lock is 30 days or less 5.4.4 Ensure default user umask is 027 or more restrictive - /etc/bashrc CIS 5.6.* (wheel group) 5.6 Ensure access to the su command is restricted - pam_wheel.so 5.6 Ensure access to the su command is restricted - wheel group contains root CIS Level 1-6.x CIS 6.1.* (misc conf permissions) 6.1.6 Ensure permissions on /etc/passwd- are configured 6.1.8 Ensure permissions on /etc/group- are configured Copyright 2018. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.

Nessus Virtual Image Installation Reference following sections to begin the deployment model. Install the VM Image Install OVA Install ISO Other Configuration Methods Manual setup Configuration of static IP addresses Create a New Account Create a new account Connect to Nessus Nessus configuration - 10 -

Nessus Hardware Requirements The following chart outlines the minimum hardware requirements for operating Tenable Core for Nessus. Scenario Nessus scanning up to 50,000 hosts Hardware Recommendations CPU: 2 dual-core, 2 GHz Memory: 4 GB RAM (8 GB RAM recommended) Hard Drive: 30 GB Nessus scanning more than 50,000 hosts CPU: 4 dual-core, 2 GHz Memory: 8 GB RAM (16 GB RAM recommended) Hard Drive: 30 GB (Additional space may be needed for reporting) Nessus Manager with up to 10,000 agents CPU: 4 dual-core, 2GHz Memory: 16 GB RAM Hard Drive: 30 GB (Additional space may be needed for reporting) Nessus Manager with up to 30,000 agents CPU: 4 dual-core, 2GHz Memory: 64 GB Hard Drive: 30 GB (Additional space may be needed for reporting) - 11 -

Installation Use one of the following options to deploy Tenable Core. Install ISO Install OVA - 12 -

Online ISO Installation Tenable Core supports ISO installation. Use the following steps to install the ISO. Steps 1. Download the ISO from tenable.com/downloads. 2. Select the ISO image and download the install. 3. Boot from the ISO on a machine with access to the internet. 4. The system may reboot or power off. 5. Log in to the system. The ISO installation is complete. - 13 -

Install OVA The Tenable VM is available for VMware Server, VMware Player, VMware ESX, VMware Workstation, and VMware Fusion (http://vmware.com/) and can be downloaded from the Tenable Downloads Page. The Tenable Core VMware image for VMware Server, VMware Fusion, VMware Workstation, VMware ESX server, and VMware Player is provided as an.ova file with the OS and applications in a 64-bit version. Note: An internet connection is required for updates and upgrades. Use the following steps to install the VMware. 1. Download the OVA from tenable.com/downloads. 2. Launch the VMware program and import the.ova file that was downloaded. 3. Adjust the default VM settings as needed for the local environment. 4. The boot process will be displayed in the VM console window when started. (It may take several minutes for the application services to start.) - 14 -

Create a New Account 1. For the initial log in, administrative users must create an account. 2. The initial screen will request a login. Enter the following: Username: wizard Password: admin 3. The Initial Account Setup screen will appear with a new window to create the new administrator. Enter the new user account information. - 15 -

4. Note: The password must contain at least one capital letter, one numeric character, one nonalphanumeric character, and must be at least 14 characters long. 5. A confirmation message will display. Click Finish Setup to complete the new account creation and log out. 6. Click the Create Account button. A new screen with a new log in window will appear. - 16 -

7. Enter the newly created account information to log in to the system. Caution: Select the Reuse my password for privileged tasks option at the bottom of the log in screen to ensure access to all of the root administrative tasks. If this is not selected, some root tasks will not work. - 17 -

Create User Steps 1. In the left navigation pane, click on Accounts. The Accounts page displays. 2. Click the Create New User button at the top of the page. A new window will appear. 3. Enter the user's information in the new window. Note: The password must be at least 14 characters. 4. Click the Create button at the bottom of the page. 5. A card with the newly created user will appear on the Accounts page. - 18 -

Edit User Click the User's card to access the user's information. The user's name, role, access and password can be edited on this page. User sessions can be terminated using the Terminate Session button at the top of the page. In addition, a user can be deleted by clicking the Delete button at the top of the page. - 19 -

Change Password Steps 1. In the left navigation pane, click on Accounts. 2. Click the user's card. 3. Click the Set Password button. A new window will appear. 4. Enter the required information in the fields - old password, new password, and confirm new password. 5. Next, click the Set button. 6. The password is updated. - 20 -

Nessus Configuration 1. Click on the URL in the Nessus Installation Info Card. 2. The Nessus Welcome screen will display. Click Continue. 3. The Account Setup screen will display. Enter your username and password. - 21 -

4. The Registration screen will display. Select the registration type from the drop down list, enter the activation code and click Continue. 5. Nessus will begin downloading. - 22 -

- 23 -

Manual Setup For users that want to automate VM deployment using tools like Ansible, Puppet, Chef, etc., use the following scripts to complete the process manually. 1. Run the /usr/libexec/tenablecore/wizard/wizardadduser.sh shell script. 2. Provide two lines of input on standard input. 3. The first line is the username. 4. The second line is the password. Example $ pkexec /usr/libexec/tenablecore/wizard/wizardadduser.sh <<'EOF' newadmin sup3rsaf3p4ssw()rd EOF or $ pkexec /usr/libexec/tenablecore/wizard/wizardadduser.sh newadmin sup3rsaf3p4ssw()rd 5. Logout of the wizard account/session. - 24 -

Configure Static IP Addresses Static IP addresses can only be configured after creating an admin user and configuring a DHCP connection. Note: Make sure Wired connection 1 is selected. Note: An alternative connection can be made by going to the connection list and modifying it. Device List Enter the following to view the current device list. $ nmcli device status DEVICE TYPE STATE CONNECTION ens160 ethernet connected Wired connection 1 lo loopback unmanaged -- Note: Make sure Wired connection 1 is selected from the list of available connections. Note: The value in the DEVICE column. Add Connection Enter the following to fetch the connection associated with that device. $ conn=$(nmcli -g general.connection device show ens160) $ echo "$conn" Static Connection Enter the following to configure a static connection. - 25 -

$ nmcli connection modify "$conn" connection.autoconnect yes ipv4.method manual ipv4.addr "10.0.0.1/24" ipv4.dns "10.0.1.1, 10.0.1.2" ipv4.gateway "10.0.0.254" Restart or Reboot the Connection Enter the following to restart. $ nmcli connection down "$conn" && nmcli connection up "$conn" or Enter one of the following to reboot. $ systemctl reboot $ shutdown -r now $ reboot - 26 -

System Layout The system pages are located in two sections. The Dashboard option is located in the top horizontal menu listing while the other features are listed in the left navigation pane. Dashboard System System Log Networking Storage Accounts Services Diagnostic Reports Nessus Terminal Update Management Software Updates - 27 -

Dashboard The Dashboard displays a list of systems running on the server. The graph provides information for CPU usage, memory usage, disk I/O, and network traffic. Click on the options above the graph to view the corresponding data. A list of servers are displayed beneath the graph. - 28 -

Add Server Steps 1. In the far left navigation pane, click the Dashboard option. The Dashboard page displays. 2. Click the Add Server icon ( ) in the Server heading. A new window will display. 3. Enter the IP address or Host name for the machine to be added. 4. Click the color bar displayed to select the desired color to identify the added machine. 5. Click Add. A new window may display if the new machine requires authentication. - 29 -

6. Click Connect A new window will appear. 7. Enter the User name and Password for the new machine and click Log In. The window will close. 8. The new machine will be added to the list. If the new machine does not appear immediately, refresh the screen. Tip: Accounts can be synchronized using the Synchronize Account and Passwords link in the authentication credentials window in step five. - 30 -

Edit Server The server name and color designation can be edited. To edit the displayed server information: Steps 1. In the far left navigation page, click the Dashboard option. The Dashboard page displays. 2. Click the edit server icon in the Server header. Two new icons will display to the right of the listed servers. 3. Click on the edit icon. A new window will display. - 31 -

4. Make the desired edits and click Set. - 32 -

Delete Server Steps 1. In the left navigation pane, click the Dashboard option. The Dashboard page displays. 2. Click the check icon in the Server heading. Two new icons will display to the right of the listed servers. 3. Click the delete icon and the server will be deleted. - 33 -

System The System page provides information and graphs about the system on which the machine is running. Graphs provide information for the CPU usage, memory usage, disk I/O, and network traffic. In addition, information for hardware and operating system details are displayed. Users can view machine SSH fingerprints, view and change the machine host name, time and time zone, restart or shutdown the system, or change the performance profile. - 34 -

Edit Machine Host Name Steps 1. In the left navigation pane, click the System option. The System page displays. 2. Click the link next to the Host Name option in the information list that is left of the graph charts. A new window will appear with the options to enter/edit the Pretty Host Name and Real Host Name. 3. Enter the Pretty Host Name for the machine. The Real Host Name will update as the Pretty Host Name is entered. 4. Click Change to update the name. The new name will be displayed next to the Hostname option. - 35 -

Edit Time and Time Zone Steps 1. In the left navigation pane, click the System option. The System page displays 2. Click the link next to the System Time option in the information list that is left of the graph charts. A new window will appear. 3. Select the correct time zone from the Time Zone drop down list. Tip: Type the first few letters of the desired time zone to filter the list. 4. Next, select the Set Time option for Automatic or Manual updates. 5. Click Change to confirm the updated time settings. The updated time information will be displayed next to the System Time option. - 36 -

Restart Steps 1. In the left navigation pane, click the System option. The System page displays. 2. Next to the Power Optionsitem, click the Restart button or select it from the drop down menu. A new window will appear. 3. Enter a message for the users in the text box. 4. Select the delay time from the drop down menu. This is the time that the restart will start. Choose from one of the minute increments or enter a specific time. There is also an option to restart immediately with no delay. 5. Click the Restart button to initiate and save the updated information. - 37 -

Shutdown Steps 1. In the left navigation pane, click the System option. The System page displays. 2. Next to the Power Optionsitem, click the arrow by Restart to display the drop down menu. Select Shut Down. A new window will appear. 3. Enter a message for the users in the text box. 4. Select the delay time from the drop down menu. This is the time that the shut down will start. Choose from one of the minute increments or enter a specific time. There is also an option to Shut Down immediately with no delay. 5. Click Shut Down to initiate and save the updated information. - 38 -

Change Performance Profile Steps 1. In the left navigation pane, click the System option. The System page displays. 2. Click on the link next to the Performance Profile option in the information list that is left of the graph charts. A new window will appear displaying Performance Profile options. 3. Select the desired Performance Profile. The recommended profile is labeled in the list. 4. Click Change Profile to confirm the new selection. - 39 -

System Log View the System Log when errors are encountered in the system. The System Log lists, categorizes, and stores system issues that have occurred within the last seven days. Click on an individual entry (row) to get additional information. - 40 -

Filters Several log type filters are available. The Everything option is selected by default. Select another option using the drop down menu at the top of the page. The logs are listed with the most recent entry displayed first. Previous days are divided into sections with the corresponding date displayed in the header. The logs can be filtered using the drop down menu. Click on the date to display the filter options for the logs. - 41 -

Networking The Networking page provides real-time system sending/receiving information, interface connection options, and logs. The Interfaces section provides options for Add Bond, Add Bridge, Add Team, and Add VLAN. The Add Bond option provides a method for aggregating multiple network interfaces into a single bonded interface. Configure team settings with the Add Team option. Use the Add Bridge feature to create a single aggregate network from multiple communication networks. The Networking Logs section provides a daily log of activity for the system network. - 42 -

Add Bond Steps 1. In the left navigation pane, click the Networking option. The Networking page displays. 2. In the Interfaces heading, click the Add Bond button on the Interfaces section. A new window appears. 3. Enter a Name for the bond. 4. Select the members (interfaces) to bond to in the Members section. 5. Select an option for MAC. 6. Select the Mode. 7. Select a Primary. 8. Select the type of Link Monitoring. The recommended type is labeled in the drop down list. - 43 -

9. Enter the Monitoring Intervals with options to link up or down delay increments. - 44 -

Add Team Steps 1. In the left navigation pane, click the Networking option. The Networking page displays. 2. In the Interfaces heading, click the Add Team button on the Interfaces section. A new window will appear. 3. Enter the Team Name. 4. Select the Ports needed for the new team. 5. Select the Runner and Link Watch from the drop down list. 6. Enter the Link up and Link down delay increments. - 45 -

Add Bridge Steps 1. In the left navigation pane, click the Networking option. The Networking page displays. 2. In the Interfaces heading, click the Add Bridge button on the Interfaces section. A new window will appear. 3. Enter a Name for the bridge. 4. Select the Ports that will connect to the bridge. 5. Click the box next to Spanning Tree Protocol (STP) to get additional STP options. 6. Click Apply to add the new bridge. - 46 -

Add VLAN Steps 1. Click the Add VLAN button on the Interfaces section. A new window will appear. 2. Select the Parent from the drop down list. 3. Enter the VLAN Id and name. 4. Click Apply to confirm add the VLAN. 5. The new VLAN will display in the Interface list. - 47 -

Storage The Storage section provides real-time reading/writing graphs, File Systems information, and Storage logs. The File Systems section lists each item noting the name, mount point, and size. Additional details can be viewed by clicking on individual file systems (rows). The detailed view provides information for capacity, logical volumes, and correlating file storage logs. The file system name can be updated on the details page. In addition, single file systems can be deleted. - 48 -

Rename File System Steps 1. In the left navigation pane, click the Storage option. The Storage page displays. 2. In the File Systems section, click on the individual file in the file systems list. The details page will appear. 3. Click the Rename button in the upper right section of the window. A new window will appear. 4. Enter the new name for the File System. 5. Click Create. The new name will immediately display on the page. - 49 -

Delete File System Steps 1. In the left navigation pane, click the Storage option. The Storage page displays. 2. In the File System section, click the individual file in the files systems list. The details page will appear. 3. Click the red Delete button in the system heading. 4. Confirm that you want to delete the File System. 5. Caution: Deleting a volume group will erase all data on it. - 50 -

Accounts New and existing users are managed through the Accounts section. User accounts are displayed in cards on the main screen. Click on the user card to display the user's information. User information can also be edited within the user information box. - 51 -

Services The Services page provides detailed information for Targets, System Services, Sockets, Timers, and Paths. - 52 -

Targets The Targets section provides a list of enabled, disabled, and static targets. Click on individual target listing to view detailed information. The detailed listing provides options to start, stop, restart, and reload. In addition, there are numerous options for enabling, disabling, and masking. A list of Service Logs are, also, displayed on the details page. - 53 -

System Services The System Services section provides a list of enabled, disabled, and static services. Click on an individual system services listing to view detailed information. The detailed listing provides options to start, stop, restart, and reload. In addition, there are numerous options for enabling, disabling, and masking. A list of Service Logs are, also, displayed on the details page. - 54 -

Sockets The Sockets section provides a list of enabled, disabled, and static sockets. Click on an individual socket listing to view detailed information. The detailed listing provides options to start, stop, restart, and reload. In addition, there are numerous options for enabling, disabling, an masking. A list of Service Logs are, also, displayed on the details page. - 55 -

Timers The Timers section provides a list of enabled, disabled, and static sockets. Click on an individual timer listing to view detailed information. The detailed listing provides options to start, stop, restart, and reload. In addition, there are numerous options for enabling, disabling, an masking. A list of Service Logs are, also, displayed on the details page. - 56 -

Create Timer Steps 1. In the left navigation pane, click the Services option. The Services page displays. 2. In the Services page heading, click the Create Timers button. A new window appears. 3. Enter the Service Name, Description, Command, and Run information. 4. Click Save. The new timer will display in the enabled section of the list. - 57 -

Paths The Paths section provides a list of enabled, disabled, and static paths. Click on an individual path listing to view detailed information. The detailed listing provides options to start, stop, restart, and reload. In addition, there are numerous options for enabling, disabling, an masking. A list of Service Logs are, also, displayed on the details page. - 58 -

Diagnostic Reports Diagnostic Reports are helpful when issues are encountered. The Diagnostic Report can aid in troubleshooting problems. If your support team or Tenable support requests a diagnostic report, click the Diagnostic Report option in the left navigation pane. The Reports page displays. - 59 -

Generate Report Steps 1. Click the Create Report button. 2. A new window with a status bar will appear as the report generates. 3. When the report is complete, the status will display Done. 4. Click the Download Report button to save and print the report. - 60 -

Nessus The Nessus application must be activated and configured to make the system manageable via a web browser or SecurityCenter. Until a valid Activation Code is entered or the Nessus scanner has been configured to be managed by SecurityCenter, the message Error: Invalid/Expired Activation Code will be displayed in red on the Nessus Installation Info card on the Nessus page. Configuration options for Nessus are available in the cards on the Nessus page. - 61 -

Nessus Installation Info The Nessus Installation Info section provides information for the Nessus application. Users can view the URLs, Service Status, License, Challenge Code, Application version, and Binary version. Edit Nessus Users - 62 -

The Edit Nessus Users section provides a place where user passwords can be updated and user rules can be configured. Update Password 1. Select the user from the drop down list. 2. Enter the New Password in the New Password field. 3. Confirm the New Password in the Confirm New Password field. 4. Click Reset Password. A green success message will display at the bottom of the card. Configure User Rules 1. Select the user from the drop down list. 2. Click the Configure User Rules link. A new window will open with a text box to enter the user rules. 3. Enter the user rules and click Save. 4. A success message will appear at the bottom of the Edit Nessus User card. Nessus Plugin Management The Nessus Plugin Management section enables users to manually update their Nessus plugin set. This is useful in offline situations where SecurityCenter will not have direct access to Tenable s plugin - 63 -

servers. It is important to disable the SecurityCenter nightly plugin update process when using the manual method. Note: Nessus cannot be running while these builds are performed. Stop Nessus by selecting the Stop option in the Service Status section on the Nessus Installation Info card. Rebuild Plugin Database 1. Click the Rebuild Plugin Database button. 2. A message with a status update that the system is rebuilding the plugin database will appear at the bottom of the card. 3. A green Success message will appear when the rebuild is complete. Remove Plugins 1. Click the Remove Plugins button. 2. A message with a status update that the system is removing the plugins appears at the bottom of the card. 3. A green Success message will appear when the removal is complete. Nessus Webserver Authentication The Web Server Authentication section controls the configuration of the SSL Client Certificate authentication permissions. The two options are password or SSL Client Certificate. This setting will control the option available for users to log into the Nessus server via SSL client certificate or password authentication. The SSL Client Certificate option configures the Nessus web server to only accept connections from web browsers that present a valid SSL client certificate. Other connection attempts will be rejected by the web server with the exact message displayed dependent on the web browser in use. The Password option configures the Nessus web server to ignore any SSL client certificates but allow the web browser connection. This is the default setting and works with most web browsers without issue. To change the Nessus Webserver Authentication: - 64 -

1. Click the arrow in the drop down menu to display the options on the Nessus Webserver Authentication card. 2. Select the desired type of authentication. 3. Click Set Authentication Type to save the new selection. A green Success message will appear to confirm the update and states that Nessus will have to be restarted for the changes to take effect. Edit Nessus Rules This section allows you to define the nessusd.rules, that function the same as the user rules discussed above, to forbid or allow nessusd to connect to some or all ports for the specified IP address or Plugin ID. These rules affect Nessus globally regardless of the defined Nessus user rules. 1. Make edits directly in the text box displayed. 2. Click Save Nessus Rules to confirm the update. Nessus Logs The Nessus Logs section contains four different log types. Click on the drop down menu to view the Backend log, Webserver log, Error log, and nessussd.messages log. After making your selection, click view log. - 65 -

Terminal The Terminal option provides a console for user specific command line interface. - 66 -

Update Management The Update Management section is divided into two sections: Automatic Updates and Proxy Configuration. Updates are also supported for air gapped application updates. See the Offline ISO Installation section for air gapped application update information. Automatic Updates The Automatic Updates section provides information for scheduled updates. Updates can be modified by clicking the word Here in the statement above the listed information. Clicking the word Here will take you to the Services page. The Services page contains options for configuring automatic updates. The Automatic Updates runs a full system update. Reboot the system after the updates are installed. Note: Additional updates will be needed for systems using On-Prem. Click here to view the required steps. - 67 -

Proxy Configuration The Proxy Configuration section provides the option for configuring a proxy server if a proxy server is needed for internet access. Enter the proxy information and click the Save Proxy button to complete the configuration. - 68 -

Timer Configuration Line Steps 1. Click the Edit option (blue text) in the Timer Config Line row. A window will open. 2. Select the Day of week, Day of month, Hour, and/or Minute for the desired configuration. Note: If both, Day of week and Day of month are selected, the system will only perform updates on days when those two items coincide. For example, if Wednesday is select for Day of week and 8 is selected for Day of month the system will only update on Wednesday's that fall on the 8th. 3. Click Save to confirm the configuration. A confirmation message will appear and the window will close. 4. Refresh the screen to update the page. 5. The updated configuration will display in the Automatic Updates section. - 69 -

Offline Updates To install without an internet connection: 1. Download the ISO file from the Tenable Downloads page. (/srv/tenablecore/offlineiso/tenable-offline-updates.iso) 2. Upload the file via scp. Example: scp local-iso-file.iso user@host:/srv/tenablecore/offlineiso/tenableoffline-updates.iso Note: This specific path must be used. 3. After the upload, updates will be applied automatically at the configured time set on the Update Management page or on the next reboot. Note: The update can also be applied manually on the Software Updates page. Note: Subsequent updates can be made by replacing the existing ISO file. - 70 -

Software Updates The Software Updates page provides information for necessary system updates. Click the Check for Updates button to scan the system for uninstalled updates. If updates are found, an Install all updates button will appear at the top of the page. Click the button to install the updates. - 71 -

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback