As one component of UCSB's vulnerability management program, Nessus Agents are lightweight, low-footprint programs installed locally on endpoints to supplement traditional network-based scanning and to provide visibility into gaps (like application vulnerabilities) that are missed by traditional network-based scanning. Nessus Agents collect vulnerability, compliance and system data and report that back to UCSB’s Tenable.io instance for analysis. The agents do not access the contents of any files, nor do they return any information about the filesystem or contents to UCSB's Tenable.io instance.
Nessus Agents provide vulnerability scan data from systems that may not be accessible with traditional network-based methods because they are not on the campus network during traditional network scan windows. Agents are considerably more secure and easier to manage than using credentialed scanning.
Nessus Agents provide organizational units with timely, accurate information about critical vulnerabilities, helping units to manage, mitigate, and remediate their IT risks. With this information, units can identify and resolve vulnerabilities before they are exploited - avoiding vulnerable systems from network removal, decreasing labor for IT staff, and preventing system compromise.
In summary, the use of Nessus Agents provides the UCSB Security Operations Center vulnerability scan flexibility and coverage.
Nessus Agent deployment is a two-step process. First, the Agent must be installed on the host system. Then, it must be linked to UCSB's Tenable.io instance. Detailed steps for Nessus Agent deployment are available here.
Nessus Agents are available for Windows, Mac and Linux operating systems. They are not currently supported on mobile (iOS or Android) devices.
(all links redirect to ServiceNow (UCSB netid required)