Manualshelf

Specifications

ManualsBrandsRed Hat ManualsOtherCERTIFICATE SYSTEM 6.0 - MIGRATION GUIDE
12345678910
Copyright © 2015. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc.
7
Memory: 2 GB RAM (4 GB RAM recommended)
Nessus scanning large networks
including audit trails and PDF report
generation
CPU: 1 Dual-core 2GHz Intel CPU (2 dual-core
recommended)
Memory: 3 - 4 GB RAM (8 GB RAM recommended)
30 GB
Nessus can be run under a VMware instance, but if the virtual machine is using Network Address Translation (NAT) to
reach the network, many of Nessus’ vulnerability checks, host enumeration, and operating system identification will be
negatively affected.
As of the Nessus 6.0 release, only 64-bit architectures are supported.
Nessus Unix
Before installing Nessus on Unix or Linux, there are several libraries that are required. Many operating systems install
these by default and typically do not require separate installation:
zlib
GNU C Library (i.e., libc)
Oracle Java or OpenJDK (for PDF reporting only)
Java must be installed on the host before Nessus is installed. If Java is installed afterwards, then Nessus will
need to be reinstalled. Further, the same architecture version must be installed, meaning Nessus 6 will only
recognize a 64-bit installation of Java. Many web browsers are 32-bit, meaning visiting the Java download page
will automatically provide the 32-bit version of Java. You may need to manually download the 64-bit version.
Nessus does not support installing to a directory or location via a symlink. If required disk space exists outside
of the /opt file system, mount the desired target directory using “mount --bind <olddir> <newdir>”.
Make sure that the file system is automatically mounted on reboot by editing the /etc/fstab file accordingly.
Nessus Windows
For increased performance and scan reliability, it is highly recommended that Nessus Windows be installed on a server
product from the Microsoft Windows family such as Windows Server 2008 R2. For more information on this issue, please
see the “Nessus Windows Troubleshooting section.
Deployment Options
When deploying Nessus, knowledge of routing, filters, and firewall policies is often helpful. It is recommended that Nessus be
deployed so that it has good IP connectivity to the networks it is scanning. Deploying behind a NAT device is not desirable
unless it is scanning the internal network. Any time a vulnerability scan flows through a NAT device or application proxy of
some sort, the check can be distorted and a false positive or negative can result. In addition, if the system running Nessus
has personal or desktop firewalls in place, these tools can drastically limit the effectiveness of a remote vulnerability scan.
Host-based firewalls can interfere with network vulnerability scanning. Depending on your firewall’s
configuration, it may prevent, distort, or hide the probes of a Nessus scan.