I'd be interested in hearing from anyone who has enterprise level deployments of Nessus, and how you handle a few items, for those that are able to share:
1) With regulations such as PCI requiring production network scanning -- when do you scan? Downtimes? Daytime, etc.?

2) What has your experience been with outages, overload, etc. based on the above? How have you mitigated the risk of overloading network devices with sessions, device failure, etc.?

3) What settings as far as throttling/sessions/# hosts have you found to be most efficient (and over what sort of network: fast ethernet, gb, etc.)?

4) What settings for safe checks, port range, paranoia, thorough -- have been most effective as a balance between accuracy / false positives / speed?

5) Have you implemented workstation scanning? Do you scan all? A pool? Rotate quarterly?

6) For those using a distributed scanner architecture -- what's been effective? What did you "do wrong"? What do you wish you'd done? Tips/thoughts?

7) Thoughts on Security Center as a management tool for distributed scanning?

Thanks in advance,
Mike
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
