Nessus Agent Installation

What are Nessus Agents

Nessus Agents are lightweight client programs that are installed locally on a host. Agents collect vulnerability, compliance, and system data and report that information back to a Tenable Security Center.

Agents run under the local SYSTEM account in Windows or root on Linux-based operating systems, and do require sufficient privileges to install software under that account on setup. Nessus Agents are packaged for installation on their respective platforms, and after installation, a scriptable command can be used to register the agent with an instance of Nessus Cloud or Tenable Security Center.

Nessus Agent Configuration Attributes

Download the appropriate agent installer for your operating system/platform from this link. http://www.tenable.com/products/nessus/agent-download

During installation, use the following options/attributes to link your agent to the UTK Tenable Security Center Vulnerability Management System:

Linux Agent Installation

When downloading the Tenable Nessus client for Linux as a .deb (Debian, Ubuntu, etc.) or .rpm (Red Hat, Fedora, etc.) file, you will need to configure it after installation and enable the Nessus Agent service. The command you will need to use is /opt/nessus_agent/sbin/nessuscli.

  1. Check the agent status. It will likely be unlinked:
    ~> sudo /opt/nessus_agent/sbin/nessuscli agent status
    
    Running: Yes
    Linked to: None
    Link status: Not linked to a manager
    Last successful connection with controller: 853 secs ago
    Proxy: None
    Plugin set: 202402291358
    Scanning: No (0 jobs pending, 0 smart scan configs)
    Scans run today: 1 of 10 limit
    Last scanned: 1709293069
    Last connect: 1709307141
    Last connection attempt: 1709307141

    You should see Linked to: None. If you agent is already linked to cloud.tenable.com, you will need need to do anything else.

  2. Link the agent to Tenable's cloud and the UTK_EECS group. See the above list for the currently correct parameters:
    ~> sudo /opt/nessus_agent/sbin/nessuscli agent link \
            --key=3b94865460bc6e1c7207ad6b203841288306f77d266a83b227dd2b85e2e815b7 \
            --host=cloud.tenable.com \
            --port=443 \
            --groups=UTK_EECS
    
    [info] [agent] Successfully linked to cloud.tenable.com:443
  3. The nessuscli agent status should now show a properly linked agent:
    ~> sudo /opt/nessus_agent/sbin/nessuscli agent status
    
    Running: Yes
    Linked to: cloud.tenable.com:443
    Link status: Connected to cloud.tenable.com:443
    Last successful connection with controller: 95 secs ago
    Proxy: None
    Plugin set: 202402291358
    Scanning: No (0 jobs pending, 0 smart scan configs)
    Scans run today: 1 of 10 limit
    Last scanned: 1709293069
    Last connect: 1709308242
    Last connection attempt: 1709308242
  4. Make sure that the Nessus Agent is running and configured to start at boot time. For most Linux systems, this will be done via the systemctl command:
    sudo systemctl enable nessusagent.service ; sudo systemctl start nessusagent.service
    If your system does not use systemd for daemon management, please see your Linux distribution's documentation.