Invest in yourself, Learn Today and Lead Tomorrow! Special Learner Discount - Get 20% OFF - Use Coupon: LEARN20 Now!
+011 4734 4723[email protected]

How to Use Settings of Nessus

The Settings section in Nessus is a central hub for managing configurations, resources, and administrative options that control the overall behaviour of the scanner. By effectively using these settings, you can customize Nessus to align with your organization’s needs, optimize performance, and ensure secure operations.

Here’s a breakdown of how to navigate and use the various Settings in Nessus.

1. General Settings

Accessing General Settings

  • Log in to Nessus.
  • Navigate to the Settings section from the top menu.

Key Options

  • Updates: Manage how Nessus updates its plugins and software. Regular updates ensure the scanner detects the latest vulnerabilities.
    • Enable automatic plugin updates or manually trigger updates.
  • License Information: View and manage your Nessus license details, including activation codes and expiration dates.
  • Time Zone and Localization: Configure the time zone for accurate scan timestamps and reports.

2. Plugin Management

Purpose

Plugins are the individual vulnerability checks Nessus uses. Managing plugins allows you to enable, disable, or customize how these checks are applied during scans.

Actions

  • View Plugins: Browse the list of available plugins and their descriptions.
  • Update Plugins: Ensure the plugin database is up-to-date by running a manual update or enabling automatic updates.
  • Plugin Rules: Customize plugin behavior (e.g., disable certain plugins for specific IPs) to reduce false positives or optimize scans.

3. User Management

Purpose

Manage users who can access Nessus and assign appropriate permissions.

Actions

  • Add Users: Create new user accounts with unique credentials.
  • Assign Roles: Specify roles for users, such as Administrator (full access) or Standard User (limited access).
  • Modify Permissions: Adjust user access to scans, policies, and reports based on organizational needs.

4. Scan Settings

Purpose

Configure default settings that affect scan behavior, resource usage, and target management.

Key Options

  • Maximum Concurrent Scans: Set the limit for how many scans can run simultaneously to avoid overloading resources.
  • Scan Timeout: Define how long Nessus should wait before timing out a scan.
  • Bandwidth Control: Adjust bandwidth usage for scans to reduce network impact.

5. Integration and APIs

Purpose

Enable integrations with third-party tools and manage Nessus’s API settings for advanced automation.

Actions

  • Enable API Access: Allow external systems to communicate with Nessus using its API for automating scan setups and report generation.
  • Generate API Keys: Securely generate and manage API keys for authenticated access.
  • Integrations: Configure connections with SIEM tools like Splunk or vulnerability management platforms.

6. Backup and Restore

Purpose

Backup or restore Nessus configurations and data to maintain continuity and prepare for disaster recovery.

Actions

  • Export Settings: Save a backup of Nessus policies, scans, and configurations.
  • Import Settings: Restore settings from a previously saved backup file.
  • Database Maintenance: Periodically clean up or optimize the database to improve Nessus’s performance.

7. Security and Encryption

Purpose

Manage security settings to ensure Nessus operates securely within your environment.

Actions

  • SSL/TLS Certificates: Configure SSL/TLS certificates for secure communication between Nessus and its users.
  • Authentication Protocols: Enable or disable specific authentication methods to align with organizational policies.
  • IP Whitelisting: Restrict access to the Nessus web interface by defining a list of allowed IP addresses.

8. Advanced Settings

Purpose

Control advanced configuration parameters for Nessus’s operation.

Actions

  • Performance Tuning: Adjust parameters such as scan performance, thread limits, and memory usage for optimal operation.
  • Logging: Enable or configure logging options to troubleshoot issues or track Nessus activities.
  • Debugging Mode: Activate debugging for resolving technical problems (use with caution).

Best Practices for Using Nessus Settings

  • Regular Updates: Ensure plugins and Nessus software are updated frequently to detect the latest vulnerabilities.
  • Secure Configuration: Use SSL/TLS encryption, strong user passwords, and IP whitelisting to secure Nessus operations.
  • Backup Configurations: Regularly back up Nessus settings and data to prepare for potential system failures or migrations.
  • Optimize Performance: Adjust scan concurrency, bandwidth, and timeout settings based on network capacity and hardware resources.
  • Use Roles and Permissions: Assign appropriate roles to users to enforce access control and maintain accountability.

The Settings section of Nessus is vital for tailoring the scanner’s behavior, securing its operations, and optimizing its performance. By effectively managing settings, you can ensure Nessus operates efficiently and aligns with your organization’s security policies and infrastructure.

Anandita Doda
How to use Resources of Nessus (Policies and Plugin Rules)
See How I Analyze Results of a Done Nessus Scan

Get industry recognized certification – Contact us

keyboard_arrow_up
Open chat
Need help?
Powered by Joinchat
Hello 👋
Can we help you?