Deployment and configuration for Tenable.io

This module provides the steps to deploy and configure the BigFix Insights for Vulnerability Remediation solution.

About this task

To install and configure BigFix Insights for Vulnerability Remediation service, perform below steps:
Note: To use the latest release build, uninstall the old version.

Procedure

  1. Enable a content site.
    Navigate to BigFix License Overview Dashboard. In Compliance/Lifecycle panel, click Enable BigFix Insights for Vulnerability Remediation Fixlet to gather the required content.

    Note: Refer to the following link for more information about License Overview dashboard.
  2. Subscribe computers to the site. It is recommended to subscribe to All computers. For more information on Computer Subscriptions Tab refer to the link.

  3. Activate the analysis.

    Status of the analysis should be Activated Globally.

    Note: Refer to the link to learn more about Computer Subscriptions Tab.
  4. Deploy the solution to the target server.
    1. Click Deploy Insights for Vulnerability Remediation Fixlet in the BigFix Insights for Vulnerability Remediation external sites.

    2. Fill in the blanks in the description panel and Take action to deploy the IVR services.
      Please provide:
      • Deployment Options
        • Installation path
      • Configure Insights Datasource
        • Database Hostname - the hostname, DNS name, or IP address for the Insights Database
        • Database - database name
        • Account - the user name for the BigFix Insights Database
        • Password - the password for the user name specified above
      • Configure IVR ETL
        • Import Vulnerability Data Into Insights - specify the desired ETL schedule for Vulnerability data
        • Import BigFix Asset Data Into Tenable.IO - specify the desired ETL schedule for Asset data*

          ETL schedule for Vulnerability data uses Cron Time String Format. Refer to the link to find out more about the Scheduler.

          The column named datasource_device_id in Bigfix Insight serves as the device identifier for IVR purposes. This identifier is labeled as bigfix_asset_id and forwarded to TenableIO.

          *Tenable.IO offers an optional feature that allows BigFix IVR to transmit endpoint asset data to Tenable.IO. This can potentially give Tenable users access to information about assets that were previously unknown. By providing a more comprehensive and current view of the assets, Tenable.IO and BigFix can help in identifying and mitigating potential security risks, identifying under-utilized resources, and facilitating compliance efforts. For more information about assets in Tenable.IO refer to the following page: https://docs.tenable.com/tenableio/Content/Platform/Explore/ExploreAssets.htm.

      • Configure Vulnerability Management Datasource
        • VM Platform - specify the VM Platform
        • Connection String - the URL to the Vulnerability Management Platform
        • Access Key - access key for the Vulnerability Management Platform
        • Secret Key - secret key for the user name specified above


      To provide proxy details click on Advanced Settings. This option is not mandatory.

    Note: Please note the following pre-requisites:
    Warning: Do not deploy the BigFix Insights for Vulnerability Service to more than 1 machine.
    Warning: Do not have more than 2 dataflows per IVR Service.
  5. Select target devices under Target tab and click OK.

    Wait for the deployment to complete. Status should show 100% completed.



  6. If Start services option was selected in the Description panel BigFix Insights for Vulnerability Remediation service should be present and in Running state in the Services. Otherwise, the BigFix Insights for Vulnerability Remediation service must be started manually. This indicates deployment is completed. Deployment can be checked in the log file: install.log.

    Refer to the following link to learn more about other IVR Tasks.