Tenable (Nessus) functions as our vulnerability management tool, utilizing both agents and scanners to identify security vulnerabilities such as system misconfiguration, missing patches/updates, and other security related issues within your environment. The Information Security team recommends that each department’s IT administrators use the Tenable Nessus Agent due to its ease of management. Tenable Nessus Agents are lightweight vulnerability scanners installed directly on systems. If the operating system of your devices is not supported by the agent, you must utilize the Nessus Scanner appliance to perform vulnerability scans.
Tenable will be configured to perform scheduled weekly scans of your agent-installed devices. Scan jobs will be configured by InfoSec with coordination from each department. Results of the vulnerability scans will be populated into the Tenable SC console for review by the department’s IT staff and email reports will be sent to designated IT contacts.
Who is Responsible for Installing Tenable Nessus Agents?
Tenable’s Nessus Agents are required to be installed on all ÌÇÐÄVlog¹Ù·½-owned endpoints (desktops, laptops), and servers by ÌÇÐÄVlog¹Ù·½ IT specialists. Nessus Agents can be installed onto Windows, macOS, and Linux. To install Nessus Agents, please reach out to your departmental IT specialist for assistance. IT specialists are responsible for installing agents, running scans, reviewing scan results, and remediating vulnerabilities. If you do not have a departmental IT specialist, please reach out to ÌÇÐÄVlog¹Ù·½ InfoSec at infosec@hawaii.edu.
If you are a ÌÇÐÄVlog¹Ù·½ IT Specialist
Please visit the for information on setting up Tenable, management of the Tenable.sc console, installing Nessus agents, and reviewing scan results.