Installation and Usage
Installing Nessus is really quite simple. Nessus runs as a web-based application with a single system service under Windows. Administrators can manage user accounts and plug-in updates from the Nessus Server Manager on the machine where Nessus is installed.
The Nessus “Client” is really just a Flash-based user interface accessed via a web browser.
Once a user is logged in, they can navigate the easy-to-use interface to create policies, run scans and view reports.
Policies are the meat and potatoes of Nessus. A policy specifies what to scan and how to scan it. After specifying a name for a policy, you decide which credentials the policy should use to connect to your target machines. You also use the policy to set up groupings of vulnerability tests to run. For example, you may have one policy that only targets Web server vulnerabilities and another that targets databases. Policies are easy to set up, but offer several options for customizing performance.
After creating a policy, users can initiate a scan. Setting up a scan is as easy as giving the scan a name, assigning targets to the scan and assigning a policy. Scans will be carried out immediately. It’s unfortunate that Nessus doesn’t let you save scan criteria for later use. The user interface appears to allow for multiple scans to run concurrently, but I wasn’t able to find any way to re-use scan criteria. Not a major issue, but for those who want to do frequent scans, Tenable expects you to dish out for their higher-end product.
Once a scan is complete, you can view detailed information on vulnerabilities found. I especially liked the reporting interface in that it allows you to easily see a top-level view of all machines scanned with the number of high, medium and low vulnerabilities. You can then double-click on a host to drill into specific details on the vulnerabilities found along with practical advice on how to eliminate or mitigate the vulnerability.