Tenable Nessus Agent Installation Guide
Please reach out to the endpoint security team to receive the installation URL and Enrollment Token referenced as <Agent Group Name>, <Server>, <Port> and <Key>.
Purpose
Credential scans can acquire configuration and software data from a device. Agent scans accomplish the same thing, but with a service running on the device.
Scans require the system to be on a network that is accessible by a scanner. Agent scans do not have that limitation (depending on whether they are reporting to Tenable.io or a Nessus Manager located at TAMU).
Responsibilities
These actions fall under the responsibilities of the machine administrator as the installation of the Nessus agent requires admin privileges.
Procedures
Installing Nessus Agent
- Download the Nessus agent installer for the target operating system.
  - Nessus Agent Download page
  - Note: The Nessus Agent will automatically update itself. There is no need to manually update it.
- Depending on the operating system, install the agent. Refer to the steps below to find the information needed to install the agent.
  - Install a Nessus Agent on Linux (latest instructions/More details)
    - Note: Remember to link the agent and use the group name issued. Please contact the System and Application team for the group name.
      --groups="<Agent Group Name>"
  - Install a Nessus Agent on Windows (latest instructions/More details)
    - Note: Remember to link the agent and use the group name issued. Please contact the System and Application team for the group name.
      NESSUS_GROUPS="<Agent Group Name>"
- Required information for installer:
  Please contact the System and Application team for the host, port, and key.
  --host=<Server>
  --port=<Port>
  --key=<XXXXXXXXXXX>
- Confirm installation:
  - Confirm that the agent linked with the server
    - See step #4, under "Relinking Nessus Agent" section
  - Confirm with a member of the System and Application Security team that the agent is associated with the correct agent group.
    - You can email us: secassessment@tamu.edu
Installing Nessus Agent Command Line
The agent can also be installed from the command line, depending on the operating system. Refer to the steps below to find the information needed to install the agent.
- Open a terminal as admin.
- CD to the directory where the .msi installer was downloaded.
- Type the following command:
msiexec /i NessusAgent-<version number>-x64.msi NESSUS_GROUPS="<Agent Group Name>" NESSUS_SERVER="<server:port>" NESSUS_KEY=<Key>
Relinking Nessus Agent (if the linking server changes, and your agent is currently linked)
- Reference the link below to find the path of the bin/exec of the Nessus CLI:
  - https://docs.tenable.com/nessus/Content/NessusCLIAgent.htm
  - Note: admin shell/access is required
- Unlink Nessus agent
  nessuscli agent unlink
  - For example, in Windows:
    "C:\Program Files\Tenable\Nessus Agent\nessuscli.exe" agent unlink
- Relink the Nessus agent
  nessuscli agent link --groups=<Group Name> --key=<key> --host=<host> --port=<port>
  - For example, in Windows:
    "C:\Program Files\Tenable\Nessus Agent\nessuscli.exe" agent link --groups="<Group Name>" --key=<Key> --host=<host> --port=<port>
  - Note: The parameter used to assign an agent to a group differs between installation and relinking:
    - Agent installation uses "NESSUS_GROUPS" parameter
    - Agent relink uses "Groups" parameter (--groups)
- Confirm that the agent is linked properly using "nessuscli agent status"
  - For example, in Windows:
    "C:\Program Files\Tenable\Nessus Agent\nessuscli.exe" agent status
  - Link Status should say: "Connected to server:port"
  - Note: It may take some time for the status to update properly. It should take no longer than 5 mins.
- Confirm with someone from System and Application Security that the agent has linked to the group assigned. This is very important: if your agent is not linked to the correct group, it will not be scanned.
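The unlink, relink and status check above, scripted for a Linux host as an added example (not part of the original guide and not Tenable's own code). It assumes the default Linux CLI path /opt/nessus_agent/sbin/nessuscli and a status line of the form the guide quotes; NESSUS_LINK_KEY and the function names are chosen for this example.

```shell
#!/bin/sh
# Added example (not from the guide). Assumed: Linux default CLI path, and a
# status line shaped like the guide's "Link Status ... Connected to server:port".
NESSUSCLI="${NESSUSCLI:-/opt/nessus_agent/sbin/nessuscli}"

# link_status_ok STATUS_TEXT SERVER:PORT
# Succeeds only when a "Link status" line reads "Connected to SERVER:PORT".
link_status_ok() {
    printf '%s\n' "$1" | awk -v want="Connected to $2" '
        tolower($0) ~ /^[ \t]*link status:/ {
            sub(/^[^:]*:[ \t]*/, "")   # strip the label, keep host:port intact
            sub(/[ \t\r]+$/, "")       # strip trailing blanks / CR
            if ($0 == want) found = 1
        }
        END { exit !found }'
}

# wait_for_link SERVER:PORT [TIMEOUT_S] [INTERVAL_S]
# Polls "agent status"; the 300 s default is the guide's five-minute bound.
wait_for_link() {
    expected=$1; timeout=${2:-300}; interval=${3:-15}; waited=0
    while :; do
        status=$("$NESSUSCLI" agent status 2>&1) || true
        if link_status_ok "$status" "$expected"; then
            echo "linked: $expected"
            return 0
        fi
        [ "$waited" -ge "$timeout" ] && break
        sleep "$interval"
        waited=$((waited + interval))
    done
    echo "not linked to $expected after ${timeout}s; last status:" >&2
    printf '%s\n' "$status" >&2
    return 1
}

# relink GROUP HOST PORT
# The key is read from NESSUS_LINK_KEY (a variable name chosen for this
# example) so it is never written into the script itself.
relink() {
    [ -n "${NESSUS_LINK_KEY:-}" ] || { echo "NESSUS_LINK_KEY is not set" >&2; return 2; }
    "$NESSUSCLI" agent unlink || true   # continue if the agent was not linked
    "$NESSUSCLI" agent link --groups="$1" --key="$NESSUS_LINK_KEY" \
        --host="$2" --port="$3" || return 1
    wait_for_link "$2:$3"
}
```

Source the file in a root shell, export NESSUS_LINK_KEY, and call relink "<Group Name>" <host> <port>. A non-zero return means the agent is not confirmed as linked; the group assignment itself still has to be confirmed with System and Application Security.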
Request
Information technology professionals on campus may contact endpoint-security@tamu.edu to request access to the agent installers, ask any questions, or request additional information.