Manualshelf

Installation guide

ManualsBrandsRed Hat ManualsComputer equipmentLINUX VIRTUAL SERVER 4.7 - ADMINISTRATION
12345678910
5
Disk Space
Adequate disk space is critical to a successful SecurityCenter deployment. An important consideration is that SecurityCenter
saves a snapshot of the entire vulnerability archive each day. In addition, the size of the vulnerability data stored by
SecurityCenter depends on the number and types of vulnerabilities, not just the number of hosts. For example, 100 hosts
with 100 vulnerabilities each could consume as much data as 1,000 hosts with 10 vulnerabilities each. In addition, the output
for vulnerability check plugins that do directory listings, etc. is much larger than “Open Port” plugins from discovery scans.
For networks of 35,000 to 50,000 hosts, Tenable has encountered data sizes of up to 25 GB. That number is based on
storage of 50,000 hosts and approximately 500 KB per host.
Additionally, during active scanning sessions, large scans and multiple smaller scans have been reported to consume as
much as 150 GB of disk space as results are acquired. Once a scan has completed and its results are imported, that disk
space is freed up.
Disk Partitions
SecurityCenter is installed into /opt/sc4 by default. Tenable highly recommends that the /opt directory be created on a
separate disk partition. For higher performance, using two disks, one for the operating system and one for the system
deployed to /opt, can be more efficient.
If required disk space exists outside of the /opt file system, mount the desired target directory using “mount
-bind <olddir> <newdir>”. Make sure that the file system is automatically mounted on reboot by editing
the /etc/fstab file appropriately.
Deploying SecurityCenter on a server configured with RAID disks can also dramatically boost performance.
SecurityCenter does not require RAID disks for even our largest customers. However, in one instance,
response times for queries with a faster RAID disk for a customer with more than 1 million managed
vulnerabilities moved from a few seconds to less than a second.
Software Requirements
Supported Operating Systems
SecurityCenter 4 is available for Red Hat Enterprise Server 5 (32/64-bit) and 6 (32/64-bit). CentOS 5 (32/64-bit) and 6
(32/64-bit) is also officially supported. SELinux policy configuration is supported by Tenable in a “Permissive” mode. See
the section labeled “Modify Firewall Settings for more information.
Other SELinux modes are known to work, but the required configuration varies based on policies and custom
configurations that may be in place on-site. It is strongly recommended that SELinux implementation
configurations are tested prior to deployment on a live network
IT Environment Requirements
Virtualized Environments
SecurityCenter is well suited to virtual platforms and comes prepackaged along with Nessus and PVS on the Tenable
Appliance VMware image. Because of the unique performance considerations with virtualized platforms, please consult
your VM software vendor for recommendations, as VMs typically see up to 30% loss in efficiency compared with
dedicated servers.
Securing the Environment
It is assumed that organizations have the appropriate skill-set required to maintain the operating system environment in a
secure manner and that they are configured and maintained with the following conditions: