Invest in yourself, Learn Today and Lead Tomorrow! Special Learner Discount - Get 20% OFF - Use Coupon: LEARN20 Now!
+011 4734 4723[email protected]

How to Use Nessus Policies (Reusable Scans)

Nessus Policies are reusable templates that define how scans are conducted. By using policies, you can save time, ensure consistency across scans, and tailor scans to specific environments or needs. These are especially useful when performing recurring or standardized vulnerability assessments.

Here’s how to create, configure, and use Nessus Policies effectively.

What Are Nessus Policies?

A Nessus Policy is a predefined set of scanning parameters that includes:

  • Target details (IP ranges, hostnames).
  • Scan configurations (port ranges, scan intensity).
  • Plugin selections (vulnerability checks).
  • Credential settings (to perform deeper scans).
  • Performance adjustments (to optimize network impact).

Policies ensure you don’t have to reconfigure settings each time you run a scan, making them ideal for repetitive tasks.

Creating a Nessus Policy

Step 1: Navigate to the Policies Section

  • Log in to the Nessus interface.
  • Click on Policies in the top menu to access the policy management page.

Step 2: Create a New Policy

  • Click the New Policy button.
  • You’ll be prompted to choose a policy template that matches your needs:
    • Basic Network Scan: For general-purpose vulnerability scans.
    • Advanced Scan: Offers detailed configuration options for custom scans.
    • Host Discovery: Focuses on identifying active hosts.
    • Web Application Tests: Designed for web application assessments.
    • Compliance Audits: For checking adherence to regulatory standards like PCI DSS or HIPAA.

Step 3: Configure Policy Settings

  1. General Settings:
    • Policy Name: Give the policy a clear, descriptive name (e.g., “Internal Network Scan” or “PCI Compliance”).
    • Description: Optionally, add a description for the policy to explain its purpose.
  2. Targets:
    • Add specific IP addresses, ranges, or hostnames that the policy will scan.
  3. Port Ranges:
    • Specify which ports to scan (e.g., common ports, all ports, or a custom range like 20-443).
  4. Scan Settings:
    • Adjust settings such as timeouts, retries, and max concurrent checks to optimize performance.
    • Choose scan types like TCP, UDP, or ICMP based on your network.
  5. Plugins:
    • Enable or disable specific plugins depending on what you want to check.
    • For example, disable plugins for technologies not in use to speed up the scan and reduce false positives.
  6. Credentials (Optional):
    • Add credentials (e.g., SSH, Windows, SNMP) to perform credentialed scans for deeper analysis.
    • Credentialed scans reveal vulnerabilities and misconfigurations that are not visible in non-credentialed scans.
  7. Compliance Settings (Optional):
    • If performing a compliance audit, configure benchmarks or standards to be assessed.
  8. Performance Options:
    • Adjust scan intensity and resource utilization to minimize network impact during scans.

Step 4: Save the Policy

  • Click Save to store the policy.
  • The policy will now appear in the Policies list and can be reused in future scans.

Using a Nessus Policy

Step 1: Create a New Scan from a Policy

  • Go to the My Scans or All Scans section.
  • Click New Scan.
  • Select the Policy tab and choose the desired policy from the list.

Step 2: Configure Additional Settings (Optional)

  • While the policy applies predefined settings, you can still customize scan-specific details, such as scheduling or reporting preferences.

Step 3: Launch the Scan

  • Click Launch to start the scan. Nessus will use the policy settings to execute the scan.

Managing and Updating Policies

  1. Edit an Existing Policy:
    • Go to the Policies section.
    • Click on a policy’s name to edit its settings.
    • Modify configurations such as plugins, targets, or credentials as needed.
  2. Duplicate Policies:
    • Use the Duplicate option to create a copy of an existing policy.
    • This is useful for creating variations without starting from scratch.
  3. Organize Policies:
    • Use clear and descriptive names for policies to make them easily identifiable.
    • Group policies by purpose (e.g., “Internal Audits,” “External Penetration Testing,” or “PCI Compliance”).

Best Practices for Nessus Policies

  • Create Separate Policies for Different Environments:
    • For example, use one policy for internal systems and another for external-facing systems. Tailor the settings accordingly.
  • Minimize False Positives:
    • Disable plugins that are not relevant to your environment.
  • Use Credentialed Scans:
    • Whenever possible, add credentials to policies for more accurate vulnerability detection.
  • Schedule Regular Scans:
    • Combine policies with scheduled scans to ensure continuous monitoring.
  • Document Changes:
    • Maintain a record of changes made to policies for auditing and accountability.

Examples of Useful Policies

  1. Internal Network Scan:
    • Focuses on internal IP ranges.
    • Uses credentialed scans for deeper vulnerability checks.
    • Targets common ports and services.
  2. Web Application Scan:
    • Includes plugins for web vulnerabilities like SQL injection and XSS.
    • Excludes unnecessary checks for non-web-related technologies.
  3. PCI DSS Compliance Scan:
    • Focuses on PCI-specific requirements.
    • Uses compliance benchmarks to check adherence to standards.

Nessus Policies are powerful tools for streamlining and standardizing vulnerability scans. By creating reusable and tailored policies, you can save time, improve accuracy, and ensure consistency across your scans. With careful planning and customization, policies become an indispensable part of your Nessus workflow.

Anandita Doda
See How I Analyze Results of a Done Nessus Scan
How to Use Compliance Templates

Get industry recognized certification – Contact us

keyboard_arrow_up
Open chat
Need help?
Powered by Joinchat
Hello 👋
Can we help you?