knowledge-base:general:nessus-agent-installation

Nessus Agent Installation

What are Nessus Agents

Nessus Agents are lightweight client programs that are installed locally on a host. Agents collect vulnerability, compliance, and system data and report that information back to a Tenable Security Center.

Agents run under the local SYSTEM account in Windows or root on Linux-based operating systems, and do require sufficient privileges to install software under that account on setup. Nessus Agents are packaged for installation on their respective platforms, and after installation, a scriptable command can be used to register the agent with an instance of Nessus Cloud or Tenable Security Center.

Nessus Agent Configuration Attributes

Download the appropriate agent installer for your operating system/platform from this link. http://www.tenable.com/products/nessus/agent-download

During installation, use the following options/attributes to link your agent to the UTK Tenable Security Center Vulnerability Management System:

  • server=cloud.tenable.com:443 (or server=cloud.tenable.com and port=443)
  • key=3b94865460bc6e1c7207ad6b203841288306f77d266a83b227dd2b85e2e815b7
  • group name=UTK_EECS

Linux Agent Installation

When downloading the Tenable Nessus client for Linux as a .deb (Debian, Ubuntu, etc.) or .rpm (Red Hat, Fedora, etc.) file, you will need to configure it after installation and enable the Nessus Agent service. The command you will need to use is /opt/nessus_agent/sbin/nessuscli.

  1. Check the agent status. It will likely be unlinked:
    ~> sudo /opt/nessus_agent/sbin/nessuscli agent status

Running: Yes
Linked to: None
Link status: Not linked to a manager
Last successful connection with controller: 853 secs ago
Proxy: None
Plugin set: 202402291358
Scanning: No (0 jobs pending, 0 smart scan configs)
Scans run today: 1 of 10 limit
Last scanned: 1709293069
Last connect: 1709307141
Last connection attempt: 1709307141

    You should see Linked to: None. If you agent is already linked to cloud.tenable.com, you will need need to do anything else.

  2. Link the agent to Tenable's cloud and the UTK_EECS group. See the above list for the currently correct parameters:
    ~> sudo /opt/nessus_agent/sbin/nessuscli agent link \
        --key=3b94865460bc6e1c7207ad6b203841288306f77d266a83b227dd2b85e2e815b7 \
        --host=cloud.tenable.com \
        --port=443 \
        --groups=UTK_EECS

[info] [agent] Successfully linked to cloud.tenable.com:443
  3. The nessuscli agent status should now show a properly linked agent: 
    ~> sudo /opt/nessus_agent/sbin/nessuscli agent status

Running: Yes
Linked to: cloud.tenable.com:443
Link status: Connected to cloud.tenable.com:443
Last successful connection with controller: 95 secs ago
Proxy: None
Plugin set: 202402291358
Scanning: No (0 jobs pending, 0 smart scan configs)
Scans run today: 1 of 10 limit
Last scanned: 1709293069
Last connect: 1709308242
Last connection attempt: 1709308242
  4. Make sure that the Nessus Agent is running and configured to start at boot time. For most Linux systems, this will be done via the systemctl command:
    sudo systemctl enable nessusagent.service ; sudo systemctl start nessusagent.service
    If your system does not use systemd for daemon management, please see your Linux distribution's documentation.