Security

Hi there,

I can see "Nessus Server" under Audit, pointing to localhost.

Is Nessus included? If so, what version?

When I click "Modify" from the scan profile I get "Unable to connect to Nessus server". Do I need to enable something to make it work?

Thanks

Hey Rich, this message general referes to one of the following.....

Adding an external Nessus audit server failed with the error message “Primary Server: Unable to connect to Nessus Server”.

This issue is corrected in ClearPass; however, some changes are required on the Nessus server side.

In the Nessus server configuration, please set "disable_ntp" to "no" and restart the nessus process on the Nessus server.

1. Set the value for disable_ntp to no.

For example, on a CENTOS/RHEL server running Nessus:

centos# /opt/nessus/sbin/nessuscli fix --set disable_ntp=no

2. Restart the nessus service.

For example:

centos# service nessusd restart

3. If the Nessus server has TLS enabled, then add the Nessus CA Certificate to the ClearPass Certificate Trust List.

The Nessus CA certificate can be downloaded from https://<nessus-server>:8834/getcert.

I also want to add that we're finaliing a NEW Tenable Nessus integration we hope to release later this year.

Hi Danny,

Isn't there a Nessus inside the ClearPass appliance?

Also, any ideia if OpenVAS will work as well?

Thanks

Yes, and I outlined the 'common' fix for the issue you originally highlighted.

Hi Danny,

Not sure I followed your explanation.

I'm asking if there is a NESSUS server inside ClearPass appliance. You tell me there is, but then intruct me to go to an external NESSUS server and change it's configuration.

Regards