Tenable General Requirements

Tenable General Requirements
Last Revised: November 06, 2019

Introduction 4
Tenable.io 5
Tenable.io System Requirements 6
Tenable.io Web Application Scanning Hardware Requirements 7
Tenable.io Container Security Scanner System Requirements 8
Nessus 9
Nessus Licensing Requirements 10
Nessus Scanners 11
Nessus Scanner Hardware Requirements 12
Nessus Scanner Software Requirements 14
Nessus Agents 19
Nessus Agent Hardware Requirements 20
Nessus Agent Software Requirements 21
Software Footprint 26
Host System Utilization 27
Tenable.sc (Formerly SecurityCenter) 28
Tenable.sc (Formerly SecurityCenter) Hardware Requirements 29
Tenable.sc (Formerly SecurityCenter) Software Requirements 32
Tenable.sc (Formerly SecurityCenter) Licensing Requirements 34
NNM 35
NNM Hardware Requirements 36
NNM Software Requirements 38
NNM Licensing Requirements 42
Industrial Security 43
Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade-
marks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.
Industrial Security Hardware Requirements 44
Industrial Security Software Requirements 45
Industrial Security Licensing Requirements 46
LCE 47
Log Correlation Engine Hardware Requirements 48
Log Correlation Engine Software Requirements 52
LCE Licensing Requirements 54
Tenable Core 55
Tenable Core + Nessus 56
Tenable Core + Nessus Network Monitor 58
Tenable Core + Tenable.sc 60
Tenable Core + Tenable.io Web Application Scanning 63
Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade-
marks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.
Introduction
This document provides information about the hardware, software, and licensing requirements
required to deploy Tenable products.
For more information, see:
l Tenable.io
l Nessus
l Nessus Agents
l Tenable.sc (Formerly SecurityCenter)
l NNM
l Industrial Security
l LCE
l Tenable Core
Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are
registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their -4-
respective owners.
Tenable.io
This section includes:
l Tenable.io System Requirements
l Tenable.io WAS Hardware Requirements
l Tenable.io Container Security Scanner System Requirements
respective owners.
Tenable.io System Requirements
Display Settings
Minimum screen resolution: 1440 x 1024
Supported Browsers
l Google Chrome (40+)
l Apple Safari (8+)
l Mozilla Firefox (38+)
l Internet Explorer (11+)
respective owners.
Tenable.io Web Application Scanning Hardware Requirements
Scenario Hardware Recommendations
WAS Scanning up to 4 concurrent web applications CPU: (4) 2 GHz cores
Core Ram: 16GB RAM
Hard Drive: 25GB
respective owners.
Tenable.io Container Security Scanner System Requirements
The machine where you want to run the CS Scanner must meet the following requirements:
Local Deploy
Software Requirements RAM Temporary Storage CPU
Able to run Linux containers (e.g., Docker) 2 GB 15 GB Not required
Kubernetes Deploy
Software Requirements RAM Temporary Storage CPU
Able to run Linux containers (e.g., Docker) 2 GiB 15 GB 1.5 GHz
Caution: If you use the CS Scanner in Kubernetes and your organization requires Certificate Authority
(CA) authentication, then the registry you want to import images from must have an SSL certificate
signed by a trusted Certificate Authority. Refer to your registry's documentation for adding an SSL cer-
tificate.
respective owners.
Nessus
l Nessus Licensing Requirements
l Nessus Scanners
l Nessus Scanner Hardware Requirements
l Nessus Scanner Software Requirements
respective owners.
Nessus Licensing Requirements
Nessus is available to operate either as a subscription or managed by Tenable.sc. Nessus requires a

plugin feed Activation Code to operate in subscription mode. This code identifies which version of Nes-
sus you are licensed to install and use, and if applicable, how many IP addresses can be scanned, how
many remote scanners can be linked to Nessus, and how many Nessus Agents can be linked to Nessus
Manager.
It is recommended that you obtain the Activation Code before starting the installation process, as that
information will be required before you can authenticate to the Nessus GUI interface.
Additionally, your activation code:
l is a one-time code, unless your license or subscription changes, at which point a new activation
code will be issued to you.
l must be used with the Nessus installation within 24 hours.
l cannot be shared between scanners.
l is not case sensitive.
l is required to Manage Nessus Offline.
You may purchase a Nessus subscription through the Tenable Online Store at https://store.ten-
able.com/ or via a purchase order through Authorized Nessus Partners. You will then receive an
Activation Code from Tenable. This code will be used when configuring your copy of Nessus for
updates.
Note: If you are using Tenable.sc to manage your Nessus scanners, the Activation Code and plugin
updates are managed from Tenable.sc. Nessus needs to be started to be able to communicate with Ten-
able.sc, which it will normally not do without a valid Activation Code and plugins. To have Nessus ignore
this requirement and start (so that it can get the information from Tenable.sc), enter “SecurityCenter”
(case sensitive) without quotes into the Activation Code box.
Please refer to the following link for the most current information on obtaining an Activation Code:
http://www.tenable.com/products/nessus/nessus-plugins/obtain-an-activation-code.
registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their - 10 -
respective owners.
Nessus Scanners
l Nessus Scanner Hardware Requirements
l Nessus Scanner Software Requirements
respective owners.
Nessus Scanner Hardware Requirements
Enterprise networks can vary in performance, capacity, protocols, and overall activity. Resource
requirements to consider for Nessus deployments include raw network speed, the size of the network
being monitored, and the Nessus configuration.
Nessus Scanners and Nessus Professional

The following table lists the hardware requirements for Nessus scanners and Nessus Professional.
Scenario Minimum Recommended Hardware
Scanning up to 50,000 hosts per CPU: 4 2GHz cores

scan
Memory: 4 GB RAM (8 GB RAM recommended)
Disk space: 30 GB
Scanning more than 50,000 hosts CPU: 8 2GHz cores

per scan
Disk space: 30 GB (Additional space may be needed for

reporting)
Nessus Manager
The following table lists the hardware requirements for Nessus Manager.
Nessus Manager with 0-10,000 CPU: 4 2GHz cores

agents
Memory: 16 GB RAM

reporting)
Nessus Manager with 10,001-20,000 CPU: 8 2GHz cores

agents
Memory: 64 GB RAM
respective owners.
reporting)
Note: Engage with your Tenable representative for large

deployments.
Virtual Machines
Nessus can be installed on a Virtual Machine that meets the same requirements. If your virtual
machine is using Network Address Translation (NAT) to reach the network, many of the Nessus vul-
nerability checks, host enumeration, and operating system identification are negatively affected.
respective owners.
Nessus Scanner Software Requirements
Nessus supports Mac, Linux, and Windows operating systems.
Nessus 8.8
Operating
Supported Versions
System
Linux Debian 7, 8, and 9 / Kali Linux 1, 2017.1, and Rolling - i386
Debian 7, 8, and 9 / Kali Linux 1, 2017.1, and Rolling - AMD64
Red Hat ES 6 / CentOS 6 / Oracle Linux 6 (including Unbreakable Enterprise Kernel) -

i386

x86_64

x86_64
FreeBSD 10 and 11 - AMD64
Fedora 24 and 25 - x86_64
SUSE Enterprise 11 and 12 (Nessus 8.7 and later: SUSE Enterprise 11 SP4 and 12) -
i586
SUSE Enterprise 11 and 12 (Nessus 8.7 and later: SUSE Enterprise 11 SP4 and 12) -
x86_64
Ubuntu 12.04, 12.10, 13.04, 13.10, 14.04, and 16.04 - i386
Ubuntu 12.04, 12.10, 13.04, 13.10, 14.04, 16.04, and 18.04 - AMD64
Windows Windows 7, 8, and 10 - i386
Windows Server 2008, Server 2008 R2*, Server 2012, Server 2012 R2, Server 2016, 7, 8,
and 10 - x86-64
Tip: Windows Server 2008 R2’s bundled version of Microsoft IE does not interface
with a Java installation properly. This causes Nessus to not perform as expected in
some situations: Microsoft’s policy recommends not using MSIE on server operating
systems.
respective owners.
Operating
Supported Versions
System
For increased performance and scan reliability when installing on a Windows plat-
form, it is highly recommended that Nessus be installed on a server product from
the Microsoft Windows family such as Windows Server 2008 R2.
Mac OS X Mac OS X 10.10, 10.11, 10.12, and 10.14 - x86-64
Nessus 8.7
Operating
Supported Versions
System

i386

x86_64

x86_64
SUSE Enterprise 11 SP4 and 12 - i586
SUSE Enterprise 11 SP4 and 12 - x86_64
Ubuntu 12.04, 12.10, 13.04, 13.10, 14.04, and 16.04 - i386
Ubuntu 12.04, 12.10, 13.04, 13.10, 14.04, 16.04, and 18.04 - AMD64
and 10 - x86-64
respective owners.
Operating
Supported Versions
System
systems.
Nessus 7.0 - 8.6

Operating
Supported Versions
System

i386

x86_64

x86_64
SUSE Enterprise 11 and 12 - i586
SUSE Enterprise 11 and 12 - x86_64
Ubuntu 12.04, 12.10, 13.04, 13.10, 14.04, and 16.04 - i386
Ubuntu 12.04, 12.10, 13.04, 13.10, 14.04, 16.04, and 18.04 - AMD64
and 10 - x86-64
respective owners.
Operating
Supported Versions
System
systems.
Nessus 6.11
Operating
Supported Versions
System

i386

x86_64

x86_64
SUSE 11 and 12 Enterprise - i586
SUSE 11 and 12 Enterprise - x86_64
Ubuntu 12.04, 12.10, 13.04, 13.10, 14.04, and 16.04 - i386
Ubuntu 12.04, 12.10, 13.04, 13.10, 14.04, 16.04, and 18.04 - AMD64
respective owners.
Operating
Supported Versions
System
and 10 - x86-64
systems.
Mac OS X Mac OS X 10.10, 10.11, and 10.12 - x86-64
Browsers
When using the Nessus user interface, the following browsers are supported.
Version Supported Browsers
6.11 and later Google Chrome (50+)
Apple Safari (10+)
Mozilla Firefox (50+)
Internet Explorer (11+)
PDF Reports
The Nessus PDF report generation feature requires the latest version of Oracle Java or OpenJDK.
Oracle Java or OpenJDK must be installed prior to the installation of Nessus.
Note: If Oracle Java or OpenJDK is installed after the Nessus installation, Nessus will need to be rein-
stalled for the PDF report generation to function.
respective owners.
Nessus Agents
l Nessus Agent Hardware Requirements
l Nessus Agent Software Requirements
l Nessus Agent Software Footprint
l Nessus Agent Host System Utilization
respective owners.
Nessus Agent Hardware Requirements
Nessus Agents are designed to be lightweight and to use only minimal system resources. Generally, a
Nessus Agent uses 40 MB of RAM (all pageable). A Nessus Agent uses almost no CPU while idle, but is
designed to use up to 100% of CPU when available during jobs.
For more information on Nessus Agent resource usage, refer to Software Footprint and Host System
Utilization.
The following table outlines the minimum recommended hardware for operating a Nessus Agent. Nes-
sus Agents can be installed on a virtual machine that meets the same requirements specified.
Hardware Minimum Requirement
Processor 1 Dual-core CPU
Processor < 1 Ghz

Speed
RAM < 1 GB
Disk Space < 1 GB with normal usage
< 2 GB under certain conditions, e.g. when a plugins-code.db defragmentation

operation is in progress
Disk Speed 15-50 IOPS
respective owners.
Nessus Agent Software Requirements
Nessus Agents support Mac, Linux, and Windows operating systems.
Operating
Version Supported Versions
System
7.4 Linux Amazon Linux 2015.03, 2015.09, 2017.09, and 2018.03 (64-bit)
Debian 6, 7, 8, and 9 / Kali Linux 1, 2017.3 (32-bit)
Fedora 20, 21, 24, 25, 26, and 27 (64-bit)
Red Hat ES 5 / CentOS 5 / Oracle Linux 5 (including Unbreakable Enter-

prise Kernel) (32-bit)





SUSE 11 Enterprise (32-bit)
SUSE 11 and 12 Enterprise (64-bit)
Ubuntu 9.10, 10.04, 11.04, 11.10, 12.04, 12.10, 13.04, 13.10, 14.04, 16.04,
and 17.10 (32-bit)
Ubuntu 9.10, 10.04, 11.04, 11.10, 12.04, 12.10, 13.04, 13.10, 14.04, 16.04,
and 17.10 (64-bit)
Windows Windows Server 2008, 7, 8, and 10 (32-bit)
Windows Server 2008, Server 2008 R2, Server 2012, Server 2012 R2,
Server 2016, Server 2019, 7, 8, and 10 (64-bit)
respective owners.
Operating
System
Mac OS X Mac OS X 10.8 - 10.14
Previous Versions
7.1 - 7.3 Linux Amazon Linux 2015.03, 2015.09, 2017.09, and 2018.03 (64-bit)
Fedora 20, 21, 24, 25, 26, and 27 (64-bit)





SUSE 11 Enterprise (32-bit)
SUSE 11 and 12 Enterprise (64-bit)
Ubuntu 9.10, 10.04, 11.04, 11.10, 12.04, 12.10, 13.04, 13.10, 14.04, 16.04,
and 17.10 (32-bit)
Ubuntu 9.10, 10.04, 11.04, 11.10, 12.04, 12.10, 13.04, 13.10, 14.04, 16.04,
and 17.10 (64-bit)
Server 2016, Server 2019, 7, 8, and 10 (64-bit)
7.0 Linux Debian 7, 8, and 9 (32-bit)
respective owners.
Operating
System
Debian 7, 8, and 9 (64-bit)


Red Hat ES 7 / CentOS 7 / Oracle Linux 7 (64-bit)
Fedora 24 and 25 (64-bit)
Ubuntu 12.04, 12.10, 13.04, 13.10, 14.04, and 16.04 (32-bit)
Ubuntu 12.04, 12.10, 13.04, 13.10, 14.04, and 16.04 (64-bit)
Server 2016, 7, 8, and 10 (64-bit)
6.11 Linux Debian 7, 8, and 9 (32-bit)


Ubuntu 12.04, 12.10, 13.04, 13.10, 14.04 , and 16.04 (32-bit)
Ubuntu 12.04, 12.10, 13.04, 13.10, 14.04 , and 16.04 (64-bit)
Windows Windows 7, 8, and 10 (32-bit)
Server 2016, 7, 8, and 10 (64-bit)
respective owners.
Operating
System
6.9 and Linux Debian 6, 7, and 8 (32-bit)

6.10




Ubuntu 10.04 (32-bit)
Ubuntu 11.10, 12.04, 12.10, 13.04, 13.10, and 14.04 (32-bit)
Ubuntu 11.10, 12.04, 12.10, 13.04, 13.10, and 14.04 (64-bit)
Server 2016, 7, 8, and 10 (64-bit)
6.8 and Linux Debian 6, 7, and 8 (32-bit)

earlier

respective owners.
Operating
System


Ubuntu 11.10, 12.04, 12.10, 13.04, 13.10, and 14.04 (32-bit)
Ubuntu 11.10, 12.04, 12.10, 13.04, 13.10, and 14.04 (64-bit)
Windows Server 2008, Server 2008 R2, Server 2012, Server 2012 R2, 7, 8,
and 10 (64-bit)
respective owners.
Software Footprint
Note: Performance varies by environment and you may or may not see similar results.
Agent Total Soft- RAM Usage Average RAM

Network Bandwidth
Footprint ware Foot- While Not Usage While Scan-
Usage
on Disk print on Disk Scanning ning/Peak
6.6 MB 800 MB includ- <10% 45 MB RAM ~1.5 MB/day**

ing plugin
Expected to be much
updates*
higher in normal con-
ditions.
* Under certain conditions, disk usage can spike up to 2GB, e.g. when a plugins-code.db defrag-
mentation operation is in progress.
**Assuming only one scan a day with no plugin updates. Used nethogs program to collect network
usage (sent/received) of nessusd. After a single scan that detected 66 vulnerabilities on the agent
host, 0.855 MB was sent and received (breakdown: .771 MB sent, .084 MB received). After two total
scans, 1.551 MB was sent and 0.204 MB was received. Set to > 1 MB day as the polling for jobs adds up
(~0.008 MB per poll).
respective owners.
Host System Utilization
Note: Performance varies by environment and you may or may not see similar results.
Generally, a Nessus Agent uses 40 MB of RAM (all pageable). A Nessus Agent uses almost no CPU while
idle, but is designed to use up to 100% of CPU when available during jobs.
To measure network utilization when uploading results, Tenable monitored Agent uploads intoTen-
able.io over a 7 day period. Of over 36,000 uploads observed:
l The average size was 1.6 MB.
l The largest size was 37 MB.
l 90% of uploads were 2.2 MB or less.
l 99% of uploads were 5 MB or less.
l Nessus Agent consumes 40 MB of RAM when dormant.
l The Watchdog service consumes 3 MB.
l Plugins consume approximately 300 MB of disk space (varies based on operating system).
However, under certain conditions, disk usage can spike up to 2GB, e.g. when a plugins-
code.db defragmentation operation is in progress.
l Scan results from Nessus Agents to Nessus Manager and Tenable.io range between 2-3 MB.
l Check-in frequency starts at 30 seconds and is adjusted by Nessus Manager orTenable.io based
on the management system load (number of agents).
respective owners.
Tenable.sc (Formerly SecurityCenter)
Tip: Tenable rebranded SecurityCenter as Tenable.sc. For more information, see the announcement.
For more information, see:
l Tenable.sc (Formerly SecurityCenter) Hardware Requirements
l Tenable.sc (Formerly SecurityCenter) Software Requirements
l Tenable.sc (Formerly SecurityCenter) Licensing Requirements
respective owners.
Tenable.sc (Formerly SecurityCenter) Hardware Requirements
Use the following physical hardware recommendations for Tenable.sc as a guide when preparing your
environment. Tenable.sc is not supported in cloud-based environments.
Note: Tenable strongly discourages deploying Tenable.sc or Tenable Core + Tenable.sc in an envir-
onment shared with other Tenable applications.
Storage Requirements
Tenable recommends installing Tenable.sc on direct-attached storage (DAS) devices (or storage area
networks (SANs), if necessary) with a storage latency of 10 milliseconds or less.
Tenable does not support installing Tenable.sc on network-attached storage (NAS).
Disk Space Requirements

requirements to consider for deployments include raw network speed, the size of the network being
monitored, and the configuration of the application. Processors, memory, and network cards will be
heavily based on the former. Disk space requirements will vary depending on usage based on the
amount and length of time data is stored on the system.
An important consideration is that Tenable.sc can be configured to save a snapshot of vulnerability

archives each day. In addition, the size of the vulnerability data stored by Tenable.sc depends on the
number and types of vulnerabilities, not just the number of hosts. For example, 100 hosts with 100 vul-
nerabilities each could consume as much data as 1,000 hosts with 10 vulnerabilities each. In addition,
the output for vulnerability check plugins that do directory listings, etc. is much larger than Open Port
plugins from discovery scans.
For networks of 35,000 to 50,000 hosts, Tenable has encountered data sizes of up to 25 GB. That num-
ber is based on storage of 50,000 hosts and approximately 500 KB per host.
Additionally, during active scanning sessions, large scans and multiple smaller scans have been repor-
ted to consume as much as 150 GB of disk space as results are acquired. Once a scan has completed
and its results are imported, that disk space is freed up.
Tenable.sc Full Safe + Local Checks
respective owners.
Disk Space
# of Hosts Managed used for Vul-
Version CPU Cores Memory
by Tenable.sc nerability
Trending
2,500 active IPs 4 2GHz 8 GB RAM 90 days: 125

cores GB
180 days: 250

GB

cores GB
180 days: 900

5.x GB
25,000 active IPs 16 3GHz 32 GB RAM 90 days: 1.2

cores TB
180 days: 2.4

TB

cores TB
180 days: 9 TB
Tenable.sc Full Safe + Local Checks + 1 Configuration Audit
# of Hosts Man- Disk Space used for

CPU
Version aged by Ten- Memory Vulnerability Trend-
Cores
able.sc ing
2,500 active IPs 4 2GHz 8 GB RAM 90 days: 225 GB

cores
180 days: 450 GB

5.x cores
180 days: 1.8 TB
25,000 active IPs 16 3GHz 32 GB RAM 90 days: 2.25 TB

cores
180 days: 4.5 TB
respective owners.
CPU
Cores
able.sc ing
100,000 active IPs 32 3GHz 128 90 days: 9 TB

cores GB RAM
180 days: 18 TB
Disk Partition Requirements

Tenable.sc installs into /opt/sc. Tenable highly recommends that you create the /opt directory on a
separate disk partition. If you want to increase performance, consider using two disks: one for the
operating system and one for the system deployed to /opt.
If required disk space exists outside of the /opt file system, mount the desired target directory using
the command mount –-bind <olddir> <newdir>. Make sure that the file system is automatically
mounted on reboot by editing the /etc/fstab file appropriately.
Note: Tenable.sc does not support using symbolic links for /opt/sc/. You can use symbolic links within
/opt/sc/ subdirectories if instructed by Tenable.sc documentation or Tenable Support.
Deploying Tenable.sc on a server configured with RAID disks can also dramatically boost performance.
Tip: Tenable does not require RAID disks for even our largest customers. However, in one instance,
response times for queries with a faster RAID disk for a customer with more than 1 million managed vul-
nerabilities moved from a few seconds to less than a second.
Network Interface Requirements

Gigabit or faster network cards are recommended for use on the Tenable.sc server. This is to increase
the overall performance of web sessions, emails, LCE queries, and other network activities.
respective owners.
Tenable.sc (Formerly SecurityCenter) Software Requirements
All Tenable.sc versions require an active Tenable.sc license and OpenJDK or Oracle Java JRE. Operating
system requirements depend on your Tenable.sc version:
Tenable.sc Version Operating System Requirements
l Red Hat Enterprise Linux 6 (RHEL 6), 64-bit
l Red Hat Enterprise Linux 7 (RHEL 7), 64-bit

5.7.x and later
l CentOS 6, 64-bit
l CentOS 7, 64-bit
l Red Hat Enterprise Server 5 (RHES 5), 64-bit

5.6.x and earlier
l CentOS 5, 64-bit
l CentOS 6, 64-bit
l CentOS 7, 64-bit
SELinux policy configuration is supported by Tenable in a “Permissive” mode.
Tip: Other SELinux modes are known to work, but the required configuration varies based on policies
and custom configurations that may be in place on-site. It is strongly recommended that SELinux imple-
mentation configurations are tested prior to deployment on a live network.
Dependencies
Note: Either OpenJDK or the Oracle Java JRE along with their accompanying dependencies must be
installed on the system along with any additional Java installations removed for reporting to function
properly.
Note: Tenable does not recommend forcing the installation without all required dependencies. If your
version of Red Hat or CentOS is missing certain dependencies, it will cause problems that are not
respective owners.
readily apparent with a wide variety of functions. Tenable Support has observed different types of fail-
ure modes for Tenable.sc when dependencies are missing.
All dependencies must be installed on the system prior to installing or updating Tenable.sc. While they
are not all required by the installation RPM file, some functionality may not work properly if the pack-
ages are not installed.
Note: Using the latest stable production version of each package is recommended.
For more Tenable.sc requirements, see Hardware Requirements and System Requirements in the
Tenable.sc User Guide.
respective owners.
Tenable.sc (Formerly SecurityCenter) Licensing Requirements
Tenable.sc requires a license key and a maintenance code, which may be purchased directly from Ten-
able Network Security or via a purchase order through Authorized Enterprise Partners. The license
key and maintenance code will be used when installing and configuring your copy of Tenable.sc.
Tenable.sc is licensed by the total number of active IP addresses it manages and the hostname of the
system on which it is installed. For example, a customer can purchase a 500 IP Tenable.sc license for
the hostname of “security”. This key allows that particular server to scan several networks, but as soon
as 500 IP addresses are discovered, the license limit becomes active. There is no licensing limit to the
number of Nessus installations that can be deployed with Tenable.sc.
You will need to provide the hostname of the machine on which Tenable.sc will be installed to
licenses@tenable.com or on the Tenable Community site, as described in the Tenable Com-
munity Guide. This can be obtained by entering the “hostname” command at a system shell prompt.
For more information about license counts and adding licenses to Tenable.sc, see Licenses in the Ten-
able.sc User Guide.
Tenable.sc Continuous View (Tenable.sc CV)

The Tenable.sc CV platform provides combined Tenable products, which includes licensing for Nessus,
the Nessus Network Monitor (NNM), and a Log Correlation Engine (LCE) server that are all managed by
a Tenable.sc installation. This provides a comprehensive security platform across your IT environment.
Tenable.sc CV may be purchased directly from Tenable Network Security or via a purchase order
through Authorized Enterprise Partners. All license keys and Activation Codes are received from Ten-
able, and are used when installing and configuring the various Tenable.sc CV components. There is no
licensing limit to the number of Nessus and NNM installations that can be deployed with Tenable.sc CV.
Please see the Nessus, Nessus Network Monitor, and Log Correlation Engine requirements for more
information on how each component is licensed for a Tenable.sc CV purchase.
respective owners.
NNM
l NNM Hardware Requirements
l NNM Software Requirements
l NNM Licensing Requirements
respective owners.
NNM Hardware Requirements
requirements to consider for NNM deployments include raw network speed, the size of the network
being monitored, and the configuration of NNM.
The following chart outlines some basic hardware requirements for operating NNM:
Installation Hard
Version RAM Processor
scenario Disk
NNM man- 2 GB RAM (4 2 2GHz cores 20 GB

aging up to GB RAM recom- HDD min-
50,000 hosts * mended) imum
(**)

All Ver- aging more GB RAM recom- HDD min-
sions than 50,000 mended) imum
hosts **
NNM running 16 GB RAM 10 2GHz cores with 20 GB

in High Per- (HugePages hyper-threading HDD min-
formance memory: 2 GB) enabled imum
mode
*The ability to monitor a given number of hosts depends on the bandwidth, memory, and processing
power available to the system running NNM.
**For optimal data collection, NNM must be connected to the network segment via a hub, spanned
port, or network tap to have a full, continuous view of network traffic.
Note: Please research your VM software vendor for comparative recommendations, as VMs typically see
up to a 30% loss in efficiency compared to dedicated servers.
High Performance Mode

To run NNM in High Performance mode, a minimum of two of the following types of Intel NICs are
required; one as a management interface and at least one as a monitoring interface:
respective owners.
l e1000 (82540, 82545, 82546)
l e1000e (82571, 82574, 82583, ICH8.ICH10, PCH.PCH2)
l igb (82575, 82576, 82580, I210, I211, I350, I354, DH89xx)
l ixgbe (82598, 82599, X540, X550)
l i40e (X710, XL710)
l NT40A01-4x1
respective owners.
NNM Software Requirements
The Nessus Network Monitor is available for the following platforms:
Version Software Requirements
l Red Hat Linux ES 5 / CentOS 5 64-bit
l Red Hat Linux ES 7 / CentOS 7 64-bit (through 7.7 kernel version 3.10.0)
l Mac OS X 10.9-10.12 64-bit
l Microsoft Windows Vista, 7, 8, 10, Server 2008, Server 2012, and Server 2016 64-bit
OS
l Microsoft Visual C++ 2010 Redistributable Package

5.10.x+
High Performance mode only available on:
l RH6/CentOS6 (RH6.0 thru RH6.9) : 2.6.32-696
l RH7/CentOS7 (RH7.0 thru RH7.4) : 3.10.0-693cc
l RH7/CentOS7 (RH7.5): 3.10.0-862
l RH7/CentOS7 (RH 7.6): 3.10.0-957
l RH7/CentOS7 (RH 7.7): 3.10.0-1062
Previous Versions
l Mac OS X 10.9-10.12 64-bit

5.8.x-
5.9.x l Microsoft Windows Vista, 7, 8, 10, Server 2008, Server 2012, and Server 2016 64-bit
OS
respective owners.
l RH7/CentOS7 (RH7.5): 3.10.0-862
l RH7/CentOS7 (RH 7.6): 3.10.0-957
l Mac OS X 10.9-10.12 64-bit
l Microsoft Windows Vista, 7, 8, 10, Server 2008, Server 2012, and Server 2016 64-bit
5.6.x- OS
5.7.x l Microsoft Visual C++ 2010 Redistributable Package
l RH7/CentOS7 (RH7.5): 3.10.0-862
l Mac OS X 10.9-10.12 64-bit
l Microsoft Windows Vista, 7, 8, Server 2008, and Server 2012

5.5.x
respective owners.
l RH7/CentOS7 (RH7.5): 3.10.0-862
l Mac OS X 10.9-10.12 64-bit
5.2.x- l Microsoft Windows Vista, 7, 8, Server 2008, and Server 2012

5.4.x
l RH6/CentOS6 (RH6.0 thrue RH6.9) : 2.6.32-696
l Mac OS X 10.8 and 10.9 64-bit

5.1.x
l CentOS 6.x 64-bit
l CentOS 7.x 64-bit
l Red Hat ES 6.6+ 64-bit
l Red Hat ES 7.x 64-bit
l Linux kernel version 2.6.34
4.4.x to l Red Hat Linux ES 5 / CentOS 5 64-bit

5.0.x
respective owners.
l Mac OS X 10.8 and 10.9 64-bit
l CentOS 6.x 64-bit
l CentOS 7.x 64-bit
l Red Hat ES 6.6+ 64-bit
l Red Hat ES 7.x 64-bit
You can use ERSPAN to mirror traffic from one or more source ports on a virtual switch, physical
switch, or router and send the traffic to a destination IP host running NNM. NNM supports the fol-
lowing ERSPAN virtual environments:
l VMware ERSPAN (Transparent Ethernet Bridging)
l Cisco ERSPAN (ERSPAN Type II)
Tip: Refer to the Configuring Virtual Switches for Use with NNM document for details on configuring
your virtual environment.

To run NNM in High Performance mode, you must enable HugePages support. HugePages is a per-
formance feature of the Linux kernel and is necessary for the large memory pool allocation used for
packet buffers. If your Linux kernel does not have HugePages configured, NNM automatically con-
figures HugePages per the appropriate settings. Otherwise, if your Linux kernel has defined
HugePages, refer to the Configuring HugePages instructions in the Linux Command Line Operations
section.
respective owners.
NNM Licensing Requirements
NNM Subscription
A NNM subscription Activation Code is available that enables NNM to operate in Standalone mode. This
mode enables NNM results to be viewed from an HTML interface enabled on the NNM server.
Activation Code
To obtain a Trial Activation Code for NNM, contact sales@tenable.com. Trial Activation Codes are
handled the same way by NNM as full Activation Codes, except that Trial Activation Codes allow mon-
itoring for only 30 days. During a trial of NNM, all features are available.
Tenable.sc Continuous View

Tenable.sc Continuous View includes NNM as part of a bundled license package with Tenable.sc. This
license allows an unlimited number of NNM deployments to monitor an unlimited number of net-
works. Tenable.sc CV’s IP view is constrained by the license purchased with it.
Nessus Cloud
Nessus Cloud pushes plugins down to NNM. The number of NNM deployments is determined by your
Nessus Cloud licensing.

NNM in High Performance Mode can be licensed in Standalone mode or bundled with Tenable.sc CV.
respective owners.
Industrial Security
l Industrial Security Hardware Requirements
l Industrial Security Software Requirements
l Industrial Security Licensing Requirements
respective owners.
Industrial Security Hardware Requirements
requirements to consider for Industrial Security deployments include raw network speed, the size of
the network being monitored, and the configuration of Industrial Security.
The following chart outlines some basic hardware requirements for operating Industrial Security:
Version RAM Processor Hard Disk
All Ver- 2 GB RAM (4 GB RAM recom- (4) 2GHz cores 20 GB HDD min-
sions mended) imum
respective owners.
Industrial Security Software Requirements
Industrial Security is available for the following platforms:

1.2+
l Microsoft Windows 8, Server 2012
Previous Versions
1.0-1.1 l Red Hat Linux ES 7 / CentOS 7 64-bit
respective owners.
Industrial Security Licensing Requirements
Industrial Security Subscription
An Industrial Security subscription activation code is available to support a number of different asset
counts. Currently the following activation code asset count limits are available:
l 150
l 800
l 2000
Activation Code
To obtain a Trial Activation Code for Industrial Security, contact sales@tenable.com. Trial Activation
Codes are handled the same way by Industrial Security as full Activation Codes, except that Trial Activ-
ation Codes allow monitoring for only 30 days. During a trial of Industrial Security, all features are avail-
able.
respective owners.
LCE
l Log Correlation Engine Hardware Requirements
l Log Correlation Engine Software Requirements
l LCE Licensing Requirements
respective owners.
Log Correlation Engine Hardware Requirements
The following hardware recommendations for LCE are to be used as a general guide. Enterprise net-
works can vary in performance, capacity, protocols, and overall activity. Resource requirements to con-
sider for deployments include raw network speed, the size of the network being monitored, and the
configuration of the application. Processors, memory, and network cards will be heavily based on the
former. Disk space requirements will vary depending on usage based on the amount and length of
time data is stored on the system.
The hardware requirements for LCE change based on the number of events being processed.
Estimating Events
The following table provides the estimated average number of events from various sources.
Devices Number of Estimated Events
1 workstation/laptop 0.5 events/sec
1 web-facing app server 20 events/sec
1 web-facing firewall/IDS/IPS 75 events/sec
1 internal application server (low volume) 5 events/sec
1 internal application server (high volume: IIS, Exchange, AD) 20 events/sec
1 internal network device 2 events/sec
To convert your event rate to bytes per day, Tenable recommends that you multiply your total event-
s/second by 250 bytes/event and multiply by 86,400 seconds/day. For example, assume 100 events per
second: 100 events/second * 250 bytes/event * 86,400 seconds/day = 2,160,000,000 bytes/day.
System Specification
The following table specifies the system requirements based on the number of events the LCE server is
processing.
Installation
Version RAM Processor Hard disk Hard disk space
scenario
One LCE 22 8 cores 10,000 to

6.x 2.4 x Licensed storage size
server with GB 15,000 RPM
respective owners.
Installation
scenario
PostgreSQL HD, or SSD of

processing equiv. IOPS
less than capability, in
5,000 events RAID 0/10
per second configuration
One LCE 30 16 cores

server with GB 15,000 RPM
PostgreSQL HD, or SSD of
processing equiv. IOPS
between capability;
5,000 and RAID 0/10
20,000 events configuration
per second
One LCE 58 24 or SSD of IOPS

server with GB more capability at
PostgreSQL or cores least equiv.
processing more to a 15,000
greater than RPM HD;
20,000 events RAID 0/10
per second configuration
Previous Versions
One LCE 16 64-bit, 8

server with GB cores
2 x Licensed storage size
Elasticsearch
10,000 to
processing
15,000 RPM Note: To query an
less than archived Elasticsearch
HD, or SSD of
5,000 events database, it will need to
5.x equiv. IOPS
per second be restored. The recom-
capability, in mended hard disk space
One LCE 32 64-bit, 16 RAID 0/10 does not include optional
configuration archiving of logs that
server with GB cores exceed the licensed limit.
Elasticsearch
processing
respective owners.
Installation
scenario
between
5,000 and
20,000 events
per second
One LCE 64 64-bit, 24

server with GB cores or
Elasticsearch or more
processing more
greater than
20,000 events
per second
Previous Versions
One LCE 8 GB 64-bit, 8

server pro- cores
cessing less
than 5,000
events per 1.5 x Licensed storage size
second
Note: Each LCE will use,
One LCE 16 64-bit, 16 10,000 to
on average, 1,000,000
server pro- GB cores 15,000 RPM inodes per 1TB of
4.4.x cessing HD, or SSD of licensed storage size. For
through between equiv. IOPS more information on hard-
ware requirements for
4.8.x 5,000 and capability, in your environment, please
20,000 events RAID 0/10 review Log Correlation
per second configuration Engine 4.6 High Avail-
ability Large Scale
One LCE 32 64-bit, 24 Deployment Guide.
server pro- GB cores or
cessing or more
greater than more
20,000 events
per second
The LCE server requires a minimum of 20 GB of storage space to continue running and storing logs. If
less than 1 GB is available, the Log Engine (lced) process will stop gracefully and refuse to store
respective owners.
additional logs. The current system disk space is visible on the Health and Status page of the LCE
interface.
File System Recommendations

Placing your activeDb on a networked file system (e.g. NFS) will result in inadequate system per-
formance. Tenable recommends that you use EXT3, EXT4, XFS, or ZFS; and that you pay close attention
to the mount options. Here are the mount options we suggest using, and the mount options we sug-
gest staying away from:
If your file It is recommended that

It is not recommended to use:
system is: you use:
EXT3, EXT4, noatime atime or strictatime or relatime or dir-

XFS atime or No *atime at all.
EXT3 barrier=0 barrier=1
EXT4 barrier=0 or nobarrier barrier=1 or barrier
XFS nobarrier barrier
EXT3, EXT4 data=writeback data=journal or data=ordered or No data=*

at all.
ZFS atime=off atime=on or relatime=on or No *atime at all.
ZFS Hardware-dependent compression=gzip or compression=gzip-N

or compression=zle
compress=gzip or compress=gzip-N or com-

press=zle
ZFS logbias=throughput logbias=latency or No logbias at all.
ZFS primarycache=metadata primarycache=all or primarycache=none or

No primarycache=* at all.
ZFS Hardware-dependent recordsize=512 or recordsize=1024 or

recordsize=2048 or recordsize=4096
respective owners.
Log Correlation Engine Software Requirements
l An active LCE license

6.x
l RHEL/CentOS 5.x, 6.x, or 7.x, 64-bit

5.x l Elasticsearch 2.3.3 to 2.4.6
l Java Runtime Environment (JRE) 1.8 update 20

or later
Previous Versions

4.4.x through 4.8.x
Additionally, while LCE is active, it requires exclusive access to certain ports. The only services that are
required to support remote users are SSH and the LCE interface (lce). If other services are active on the
system, conflicts should be avoided on the following default ports:
Ports LCE Receive (Listen) On
Port Description
162/UDP SNMP
514/UDP Syslog
22/TCP SSH, for requests from Tenable.SC
601/TCP Syslog
1243/TCP Vulnerability detection, if enabled in Tenable.SC
6514/TCP Encrypted syslog
8836/TCP LCE Administrative Web UI
31300/TCP Events from LCE Clients
respective owners.
Ports LCE Sends On
Port Description
514/UDP Syslog (forwarded)
443/TCP Pull requests to the plugins feed at plugins.nessus.org
601/TCP Syslog (forwarded)
Ports LCE uses over Loopback Interface
Port Description
7091/TCP Internal communication, showids to lce_queryd
7092/TCP Internal communication, lce_tasld to lced
Caution: The system running the LCE can operate a syslog daemon, but the syslog daemon must not be
listening on the same port(s) that the LCE server is listening on.
respective owners.
LCE Licensing Requirements
LCE requires an activation code, which may be purchased directly from Tenable Network Security or
through Authorized Enterprise Partners. The code will be used when installing and configuring your
copy of LCE and each attached Tenable.sc (formerly SecurityCenter).
There is no licensed limit to the number of events or IP addresses that the LCE can be configured to
monitor. Instead, LCE is licensed by the maximum amount of storage to be used by the LCE install-
ation.
There are different licenses available for the LCE based on the total amount of storage used by the
LCE. The licenses are based on 1 TB, 5 TB, and 10 TB storage sizes. A license for LCE is provided as a
part of Tenable.sc CV. There is no difference in the LCE software that is installed, just the maximum
storage size that can be used by the LCE. The size limit of the Elasticsearch databases can be con-
figured via the LCE interface. Data that exceeds your license limit will be archived.
respective owners.
Tenable Core
This section includes requirements for the following Tenable Core product configurations:
l Tenable Core + Nessus
l Tenable Core + Nessus Network Monitor
l Tenable Core + Tenable.sc
l Tenable Core + Tenable.io Web Application Scanning
respective owners.
Tenable Core + Nessus
To install and run Tenable Core + Nessus, your system must meet the following requirements estab-
lished for Nessus. For more information about Nessus requirements, see Nessus.
Tenable Core + Nessus Hardware Requirements

requirements to consider for Nessus deployments include raw network speed, the size of the network
being monitored, and the Nessus configuration.
Nessus Scanners and Nessus Professional Hardware Requirements
Scanning up to 50,000 hosts per CPU: 4 2GHz cores

scan
Disk space: 30 GB
Scanning more than 50,000 hosts CPU: 8 2GHz cores

per scan

reporting)
Nessus Manager Hardware Requirements
Nessus Manager with 0-10,000 CPU: 4 2GHz cores

agents
Memory: 16 GB RAM

reporting)
Nessus Manager with 10,001-20,000 CPU: 8 2GHz cores

agents
Memory: 64 GB RAM
respective owners.

reporting)
Note: Engage with your Tenable representative for large

deployments.
Nessus Supported Browsers

Nessus supports the following browsers:
l Google Chrome (50+)
l Apple Safari (10+)
l Mozilla Firefox (50+)
l Internet Explorer (11+)
Note: For Nessus 7.0 and later, you must enable Transport Layer Security (TLS) 1.2 in your browser.
respective owners.
Tenable Core + Nessus Network Monitor
To install and run Tenable Core + Nessus Network Monitor, your system must meet the following
requirements established for Nessus Network Monitor. For more information about Nessus Network
Monitor requirements, see NNM.
Tenable Core + Nessus Network Monitor Hardware Requirements

requirements to consider for NNM deployments include raw network speed, the size of the network
being monitored, and the configuration of NNM.
The following chart outlines some basic hardware requirements for operating NNM:
Installation Hard
Version RAM Processor
scenario Disk

aging up to GB RAM recom- HDD min-
50,000 hosts * mended) imum
(**)

All Ver- aging more GB RAM recom- HDD min-
sions than 50,000 mended) imum
hosts **
NNM running 16 GB RAM 10 2GHz cores with 20 GB

in High Per- (HugePages hyper-threading HDD min-
formance memory: 2 GB) enabled imum
mode
*The ability to monitor a given number of hosts depends on the bandwidth, memory, and processing
power available to the system running NNM.
**For optimal data collection, NNM must be connected to the network segment via a hub, spanned
port, or network tap to have a full, continuous view of network traffic.
respective owners.
To run NNM in High Performance mode, a minimum of two of the following types of Intel NICs are
required; one as a management interface and at least one as a monitoring interface:
l e1000 (82540, 82545, 82546)
l e1000e (82571, 82574, 82583, ICH8.ICH10, PCH.PCH2)
l igb (82575, 82576, 82580, I210, I211, I350, I354, DH89xx)
l ixgbe (82598, 82599, X540, X550)
l i40e (X710, XL710)
l NT40A01-4x1
respective owners.
Tenable Core + Tenable.sc
To install and run Tenable Core + Tenable.sc, your system must meet the following requirements estab-
lished for Tenable.sc. For more information about Tenable.sc requirements, see Tenable.sc (Formerly
SecurityCenter).
Tenable Core + Tenable.sc Hardware Requirements

Use the following physical hardware recommendations for Tenable.sc as a guide when preparing your
environment. Tenable.sc is not supported in cloud-based environments.
Note: Tenable strongly discourages deploying Tenable.sc or Tenable Core + Tenable.sc in an envir-
onment shared with other Tenable applications.
Storage Requirements
Tenable recommends installing Tenable.sc on direct-attached storage (DAS) devices (or storage area
networks (SANs), if necessary) with a storage latency of 10 milliseconds or less.
Tenable does not support installing Tenable.sc on network-attached storage (NAS).
Disk Space Requirements

requirements to consider for deployments include raw network speed, the size of the network being
monitored, and the configuration of the application. Processors, memory, and network cards will be
heavily based on the former. Disk space requirements will vary depending on usage based on the
amount and length of time data is stored on the system.
An important consideration is that Tenable.sc can be configured to save a snapshot of vulnerability

archives each day. In addition, the size of the vulnerability data stored by Tenable.sc depends on the
number and types of vulnerabilities, not just the number of hosts. For example, 100 hosts with 100 vul-
nerabilities each could consume as much data as 1,000 hosts with 10 vulnerabilities each. In addition,
the output for vulnerability check plugins that do directory listings, etc. is much larger than Open Port
plugins from discovery scans.
For networks of 35,000 to 50,000 hosts, Tenable has encountered data sizes of up to 25 GB. That num-
ber is based on storage of 50,000 hosts and approximately 500 KB per host.
respective owners.
Additionally, during active scanning sessions, large scans and multiple smaller scans have been repor-
ted to consume as much as 150 GB of disk space as results are acquired. Once a scan has completed
and its results are imported, that disk space is freed up.
Tenable.sc Full Safe + Local Checks
Disk Space
# of Hosts Managed used for Vul-
Version CPU Cores Memory
by Tenable.sc nerability
Trending

cores GB
180 days: 250

GB

cores GB
180 days: 900

5.x GB

cores TB
180 days: 2.4

TB

cores TB
180 days: 9 TB
Tenable.sc Full Safe + Local Checks + 1 Configuration Audit

CPU
Cores
able.sc ing

5.x cores
180 days: 450 GB
respective owners.
CPU
Cores
able.sc ing

cores
180 days: 1.8 TB
25,000 active IPs 16 3GHz 32 GB RAM 90 days: 2.25 TB

cores
180 days: 4.5 TB
100,000 active IPs 32 3GHz 128 90 days: 9 TB

cores GB RAM
180 days: 18 TB
Disk Partition Requirements

Tenable.sc installs into /opt/sc. Tenable highly recommends that you create the /opt directory on a
separate disk partition. If you want to increase performance, consider using two disks: one for the
operating system and one for the system deployed to /opt.
If required disk space exists outside of the /opt file system, mount the desired target directory using
the command mount –-bind <olddir> <newdir>. Make sure that the file system is automatically
mounted on reboot by editing the /etc/fstab file appropriately.
Note: Tenable.sc does not support using symbolic links for /opt/sc/. You can use symbolic links within
/opt/sc/ subdirectories if instructed by Tenable.sc documentation or Tenable Support.
Deploying Tenable.sc on a server configured with RAID disks can also dramatically boost performance.
Tip: Tenable does not require RAID disks for even our largest customers. However, in one instance,
response times for queries with a faster RAID disk for a customer with more than 1 million managed vul-
nerabilities moved from a few seconds to less than a second.
Network Interface Requirements

Gigabit or faster network cards are recommended for use on the Tenable.sc server. This is to increase
the overall performance of web sessions, emails, LCE queries, and other network activities.
respective owners.
Tenable Core + Tenable.io Web Application Scanning
To install and run Tenable Core + Tenable.io Web Application Scanning, your system must meet the fol-
lowing hardware requirements established for Tenable.io Web Application Scanning. For more inform-
ation about Tenable.io requirements, see Tenable.io.
Tenable Core + Web Application Scanning Hardware Requirements

Scenario Hardware Recommendations
WAS Scanning up to 4 concurrent web applications CPU: (4) 2 GHz cores
Core Ram: 16GB RAM
Hard Drive: 25GB
respective owners.

Tenable General Requirements

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Tenable General Requirements

Uploaded by

Copyright:

Available Formats

Tenable General Requirements

Last Revised: November 06, 2019

Tenable.io System Requirements 6

Tenable.io Web Application Scanning Hardware Requirements 7

Tenable.io Container Security Scanner System Requirements 8

Nessus Licensing Requirements 10

Nessus Scanner Hardware Requirements 12

Nessus Scanner Software Requirements 14

Nessus Agent Hardware Requirements 20

Nessus Agent Software Requirements 21

Host System Utilization 27

Tenable.sc (Formerly SecurityCenter) 28

Tenable.sc (Formerly SecurityCenter) Hardware Requirements 29

Tenable.sc (Formerly SecurityCenter) Software Requirements 32

Tenable.sc (Formerly SecurityCenter) Licensing Requirements 34

NNM Hardware Requirements 36

NNM Software Requirements 38

NNM Licensing Requirements 42

Industrial Security Software Requirements 45

Industrial Security Licensing Requirements 46

Log Correlation Engine Hardware Requirements 48

Log Correlation Engine Software Requirements 52

LCE Licensing Requirements 54

Tenable Core + Nessus 56

Tenable Core + Nessus Network Monitor 58

Tenable Core + Tenable.sc 60

Tenable Core + Tenable.io Web Application Scanning 63

For more information, see:

l Tenable.sc (Formerly SecurityCenter)

This section includes:

l Tenable.io System Requirements

l Tenable.io WAS Hardware Requirements

l Tenable.io Container Security Scanner System Requirements

l Apple Safari (8+)

l Mozilla Firefox (38+)

l Internet Explorer (11+)

WAS Scanning up to 4 concurrent web applications CPU: (4) 2 GHz cores

Core Ram: 16GB RAM

Hard Drive: 25GB

Able to run Linux containers (e.g., Docker) 2 GB 15 GB Not required

Able to run Linux containers (e.g., Docker) 2 GiB 15 GB 1.5 GHz

This section includes:

l Nessus Licensing Requirements

l Nessus Scanner Hardware Requirements

l Nessus Scanner Software Requirements

Nessus is available to operate either as a subscription or managed by Tenable.sc. Nessus requires a

Additionally, your activation code:

l must be used with the Nessus installation within 24 hours.

l cannot be shared between scanners.

l is not case sensitive.

l is required to Manage Nessus Offline.

This section includes:

l Nessus Scanner Hardware Requirements

l Nessus Scanner Software Requirements

Nessus Scanners and Nessus Professional

Scenario Minimum Recommended Hardware

Scanning up to 50,000 hosts per CPU: 4 2GHz cores

Scanning more than 50,000 hosts CPU: 8 2GHz cores

Disk space: 30 GB (Additional space may be needed for

Scenario Minimum Recommended Hardware

Nessus Manager with 0-10,000 CPU: 4 2GHz cores

Disk space: 30 GB (Additional space may be needed for

Nessus Manager with 10,001-20,000 CPU: 8 2GHz cores