Specifications
Copyright © 2015. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc.
80
Nessus Service Manipulation via Windows CLI
Nessus can also be started or stopped from the command line. Note that the command window must be called with
Administrative privileges:
C:\Windows\system32>net stop "Tenable Nessus"
The Tenable Nessus service is stopping.
The Tenable Nessus service was stopped successfully.
C:\Windows\system32>net start "Tenable Nessus"
The Tenable Nessus service is starting.
The Tenable Nessus service was started successfully.
C:\Windows\system32>
Working with SecurityCenter
SecurityCenter Overview
Tenable’s SecurityCenter is a web-based management console that unifies the process of vulnerability detection and
management, event and log management, compliance monitoring, and reporting on all of the above. SecurityCenter
enables efficient communication of security events to IT, management, and audit teams.
SecurityCenter supports the use of multiple Nessus scanners in concert for the scanning of virtually any size network on a
periodic basis. Using the Nessus API (a custom implementation of the XML-RPC protocol), SecurityCenter communicates
with associated Nessus scanners to send scanning instructions and receive results.
SecurityCenter enables multiple users and administrators with different security levels to share vulnerability information,
prioritize vulnerabilities, show which network assets have critical security issues, make recommendations to system
administrators for fixing these security issues and to track when the vulnerabilities are mitigated. SecurityCenter also
receives data from many leading intrusion detection systems such as Snort and ISS via the Log Correlation Engine (LCE).
SecurityCenter can also receive passive vulnerability information from Tenable’s Passive Vulnerability Scanner (PVS)
such that end users can discover new hosts, applications, vulnerabilities, and intrusions without the need for active
scanning with Nessus.
Note that if Nessus Enterprise manages secondary scanners, those scanners will not be available to
SecurityCenter. Any secondary scanners will remain exclusive to Nessus Enterprise.
Configuring SecurityCenter to work with Nessus
The SecurityCenter administration interface is used to configure access and control of any Nessus scanner that is version
4.2.x or higher. Click the “Resources” tab and then click “Nessus Scanners”. Click “Add” to open the “Add Scanner”
dialog. The Nessus scanner’s IP address or hostname, Nessus port (default: 8834), authentication type (created while
configuring Nessus), and administrative login ID and password or certificate information are required. The password fields
are not available if “SSL Certificate” authentication is selected. The ability to Verify Hostname is provided to check the
CommonName (CN) of the SSL certificate presented by the Nessus server. The state of the Nessus scanner may be set to
Enabled or Disabled as needed, the use of a proxy may be selected, and selection of Scan Zones for the Nessus scanner to
be assigned to can be selected.