Adding a Nessus Scheduled Live Scan
A live scan runs on your Nessus server and imports the result data from a temporary directory on the Nessus client that contains the scan report data.
- Click the Admin tab.
- Click the VA Scanners icon.
- Click Add.
- In the Scanner Name field, type a name to identify your Nessus scanner.
- From the Managed Host list, select the managed host that manages the scanner import.
- From the Type list, select Nessus Scanner.
- From the Collection Type list, select Scheduled Live Scan.
- Configure the following parameters:
The user name to access Nessus server.
Your Nessus server password must not contain the exclamation mark (!) character or authentication failures can occur over SSH.
Client Temp Dir
The directory path of the Nessus client that JSA can use to store temporary files.
JSA uses the temporary directory on the Nessus client to upload scan targets and read scan results. Temporary files are removed from the temporary directory when the scan completes and the scan report is downloaded.
The directory path to the executable file on the Nessus server.
Nessus Configuration File
The directory path to the Nessus configuration file on the Nessus client.
The host name or IP address of the Nessus client.
Client SSH Port
The SSH port on the Nessus server that can be used to retrieve scan result files.
The user name to authenticate the SSH connection.
If the Enable Key Authentication field is enabled, the password is ignored.
If the scanner is configured to use a password, the SSH scanner server that connects to JSA must support password authentication. If it does not, SSH authentication for the scanner fails. Ensure the following line is displayed in your
/etc/ssh/sshd_configfile: PasswordAuthentication yes. If your scanner server does not use OpenSSH, see the vendor documentation for the scanner configuration information.
Private Key File
The directory path to the key file. If a key file does not exist, you must create the
The size of the subnet that you want to scan. The value represents the largest portion of the subnet the scanner can scan at one time. The mask segments the scan to optimize the scan performance.
- To configure a CIDR range for your scanner:
Type the CIDR range that you want this scanner to consider or click Browse to select a CIDR range from the network list.
- Click Save.
- On the Admin tab, click Deploy Changes.