How to Deploy Nessus Agents to Remote Assets
Nessus Agents are essential to help secure remote endpoints against dangerous vulnerabilities and misconfigurations. This post offers guidance on how to streamline agent deployment at scale.
As organizations respond to the COVID-19 pandemic by enabling vast numbers of employees to work from home, security teams need to ensure their computing devices aren’t introducing excessive risks when they connect to corporate networks. Agent-based scanning is an essential capability to gain visibility into vulnerabilities, misconfigurations and other security issues on remote devices. However, one common challenge that security and IT teams face is how best to configure and deploy agents without physical access to the actual device.
Fortunately, you can overcome this hurdle with Nessus Agents, which are fully scriptable to easily deploy across multiple systems with minimum effort. Tenable Professional Services published a comprehensive deployment guide to provide you with best practices for deploying Nessus Agents in a distributed environment, including example scripts you can use for common configuration and deployment platforms. Since remote employees rarely have root- or admin-level account privileges on their devices, deployment scripts are essential to automate the agent installation and deployment process without any user intervention.
Three tips to deploy Nessus Agents to remote endpoints
Here are three tips to streamline Nessus Agent deployment to remote endpoints:
- Carefully stage agent rollouts. If endpoints are connected to corporate VPNs, mass deployment of agents may saturate bandwidth during the initial download and subsequent plugin updates. It is important to stage the agent rollout to avoid possible network performance issues.
- Take advantage of command-line syntax. Nessus Agents support command-line instructions to enable unattended agent installs. You can link agents, specify agent groups and even install plugins before linking to reduce network congestion during a mass installation. You can find command-line syntax examples in the Nessus Agent user guide (Windows, Linux and Mac OS X).
- Deploy agents through orchestration platforms. Nessus Agent deployment and configuration can be fully scripted, so that you can deploy across multiple systems and endpoints with minimal effort. All this can be done without needing to create additional administrator or service accounts on the network. Going forward, Nessus Agents can also be proactively deployed as part of a base image, so that agent installation is bundled with new OS deployments.
Get more information
New to agent scripting? Tenable Professional Services has published several articles for deploying agents via commonly used configuration and deployment platforms. Please note that Tenable does not provide support for any third-party software mentioned below. The examples should be used as guidelines only and amended to comply with your organization’s operational procedures.
- Nessus Agent Deployment for Microsoft System Center Configuration Manager (SCCM)
- Nessus Agent Deployment for Group Policy Object (GPO)
- Nessus Agent Deployment for Amazon Web Services (AWS)
- Nessus Agent Deployment for Microsoft Azure
- Nessus Agent Deployment for Ansible
For more information, download the Nessus Agent Professional Services Deployment Guide.
Planning a large-scale deployment (>10,000 hosts or endpoints)? Read the Nessus Agent Large-Scale Deployment Guide.
You can also learn more about remote workforce security considerations and access product education resources in our Protecting Your Remote Workforce solution center.
Related Articles
Cybersecurity Snapshot: How To Boost Customers' Trust in Your Digital Services
May 12, 2023Check out how beefing up digital trust in your technology yields key business benefits. Plus, a sophisticated cyber espionage operation has been defused. Also, why cyberattack victims should speak up. In addition, don’t miss our poll on mobile device security. And much more!
Cybersecurity Snapshot: 6 Things That Matter Right Now
June 17, 2022Key vulnerabilities you can’t ignore. Best practices to improve operational technology (OT) cybersecurity. A reality check on shift left, DevSecOps and cloud security. Tackling the security skills gap. Healthcare data breaches. And much more!
You’ve Migrated Business-Critical Functions to the Cloud…Now What?
April 20, 2022An expanding attack surface demands a robust cybersecurity strategy. Here’s what you need to know.
Cybersecurity Snapshot: Cyber Agencies Offer Secure AI Tips, while Stanford Issues In-Depth AI Trends Analysis, Including of AI Security
April 19, 2024Check out recommendations for securing AI systems from the Five Eyes cybersecurity agencies. Plus, Stanford University offers a comprehensive review of AI trends. Meanwhile, a new open-source tool aims to simplify SBOM usage. And don’t miss the latest CIS Benchmarks updates. And much more!
Tenable and Thales Collaborate to Provide Cyber Defense Simulations to Better Secure Operational Technology Environments
April 18, 2024The heart of the Welsh Valleys is home to the Thales Ebbw Vale campus, a world-class facility jointly funded by the Welsh government as part of its regeneration program for the region. At the core of the facility is the Cyber Range, a simulation and virtualization platform for training, testing, exercising and R&D. Tenable has joined the lineup of solutions used to run real world simulations in this controlled environment.
Oracle April 2024 Critical Patch Update Addresses 239 CVEs
April 17, 2024Oracle addresses 239 CVEs in its second quarterly update of 2024 with 441 patches, including 38 critical updates.
- Remote Workforce
- Vulnerability Management
- Vulnerability Scanning