# Security Center
## Version
* Linux Control Center = 2.10.5 or higher
* Tenable Security Center Plus = 6.4.0 or higher
## Requirements
* Tenable Security Center Access Key and Secret Key
* Tenable Security Center Plus with previously configured scans
* Hosts in the LCC database previously configured
## Overview
* This guide provides information and step-by-step instructions for integrating Linux Control Center (LCC) with the Tenable Security Center vulnerability manager.
## Objective
* This integration allows you to run Tenable Security Center scans from the LCC and use the scan results to quickly and easily identify vulnerabilities on hosts managed by the LCC.
{% hint style="warning" %}
Please note that all third-party solutions that interact with the LCC must be configured correctly. Inconsistent data from these solutions cannot be reliably processed or presented by the LCC.
If you have duplicate Assets in Tenable, the LCC will not be able to correctly process the received data.
{% endhint %}
### Integration Configuration
1. To create the LCC connection with Tenable, access the menu on the left of the LCC and click on the **Config** option
1. Click on **Tenable**
1. Click on **Tenable Security Center**
1. Click on the **Create** button
1. Enter the data in the fields below;
* Enter the name to identify the synchronization in the **Name** field.
* Enter the Tenable Security Center URL in the **URL** field.
* Enter the **Access Key** and **Secret Key** in their respective fields.
1. Click **Save**
1. After saving, click on the previously saved item to open the Tenable SC integration window.
1. Click the **Test Connection** button to test the connection with Tenable Security Center.
1. The Status will turn green to confirm that the connection was successful
### Sync Assets
1. Then, click on the **HOSTS** tab
1. Click on the **SYNC ASSETS** button and wait for the LCC hosts to synchronize with the Tenable Security Center Hosts.
1. After the Hosts are synchronized, click on the **Repositories** tab to define the repository to search for the scan results.
1. Check the box for the desired repository in the **Active** column and click **Save**
{% hint style="warning" %}
Sync Assets compares the IP addresses of the Hosts in the LCC database with those in the Tenable Security Center database. Only Hosts with the same IP addresses in both databases will be displayed on the LCC Assets screen.
{% endhint %}
### Scan Execution
1. After completing the **Sync Assets** step, the hosts will be listed on the screen.
1. Then, click on the **SCANS** tab and click on **Sync Scans**
1. Wait for the synchronization to finish, and you will be able to view the scans from Tenable Security Center.
2. Click on **Run** for the desired scan.
### Sync Results
{% hint style="warning" %}
This Action can only be run once every 24 hours. Before running Sync Results, check if any Scans have been performed recently to ensure that vulnerability information is up to date.
The Action will have the status **Aborted** if it is run again within the 24-hour period.
{% endhint %}
1. After the scan in Tenable Security Center is complete, open the integration item again and click on the **Hosts** tab.
1. Click on **Sync Results** and wait for the scan results to synchronize with the LCC.
1. After the Sync Results are complete, you will be able to obtain the risk indexes that Tenable Security Center makes available in the **Risk** column.
1. To obtain the output of the Scan executed on the Hosts screen, access the menu on the left of the LCC and click on **Hosts**
1. Click on the desired **Host** which will open the Host window.
2. Click on **Tenable Plugins**.
1. Click on the **Tenable Plugins** tab and you will be able to obtain the separate numbering of the plugins ID relating with AES, ACR, VPR, CVE ID, CVSS indexes, along with the suggested remediation provided by Tenable Security Center.
### Schedules
1. On the Tenable Security Center integration screen, click on the **Schedule** tab
1. Click on **Add Schedule**
**Test Connection:** Performs a connection test with Tenable Security Center to validate the integration\
**Sync Scans:** Updates the list of scans available in Tenable Security Center on the LCC integration Scans screen\
**Sync Assets:** Updates the list of Tenable Security Center assets according to the LCC host database\
**Launch Scan:** Sends the command to run a desired scan in Tenable Security Center\
**Sync Results:** Synchronizes the results of the last scan run in Tenable Security Center with the hosts integrated in LCC.
4. Then, define a name for the schedule in the **Name** field and choose one of the actions in the **Action** line
By default, the scheduling screen opens with the **One Time** option, to schedule a single execution at a specific hour, minute and date, as shown in the image below;
1. By checking the **Repeatedly** box together with **Minutes**, you can run the action every X defined minutes.
1. By checking the **Repeatedly** box together with **Daily**, you can run the action every day every X hours and X minutes.
1. Check the **Repeatedly** box along with the **Advanced** box to choose the custom schedule, where you can choose the hour, minute, day of the week, day of the month and the desired month.
1. After creating and saving a schedule, you can pause it if necessary by clicking **Disable** and monitor the status of whether it is enabled or not in the **Active** column.
1. The **Next Run** column displays when the next run will be and the **Last Run** column displays when the last run was. The **Count** column counts how many times the schedule has been run.
1. You can also delete a schedule by clicking the trash can icon next to the Disable/Enable button.
## Vulnerability fix
### Fix Plugin ID 153588 - Weak SSH ciphers
The LCC 7 Library has a script to change SSH encryption ciphers, configuring hosts to use stronger ciphers for SSH authentication.
To download and run this script, follow the steps below.
1. Click **7 Library** in the LCC left menu
1. Click **Sync Feed** to update the 7 Library feed
1. Click on the **Config SSH Ciphers Algorithms** script
1. Click **Download** and the script will be saved in the LCC and will be available in the **Scripts** screen
1. Click on **Scripts** in the left side menu.
1. Click on the script that was downloaded.
1. Click on **User for Execution.**
1. Choose which user will run the script (We recommend using the **lcc.local** user to avoid failures due to lack of permission.)
1. Click on **Save**
1. Then, click on **Workflow** in the left menu of the LCC
1. Click **Create**
1. Enter a name for the *Workflow* in the **Name** field
1. Click **Start New Workflow.**
1. Click **Actions** and choose the **Execute Custom Script** option
1. Define one or more Hosts in the **Host** field
1. If you have a pre-configured group, choose it in the **Target Group** field
1. Choose the **Config SSH Ciphers Algorithms** script.
1. Click **Create**.
1. Click **Save** to save the Workflow.
1. After creating the Workflow, click the **Actions** button, then **Run**.
1. Click **AGREE** to confirm the execution of the Workflow.
1. Wait for the Workflow to finish executing.
2. After the Workflow is successfully executed, run the Tenable Security Center scan again, according to step [Scan Execution](#scan-execution)
3. Run **Sync Results**, according to item 2 of the [Sync Results](#sync-results) topic
4. Access the menu on the left of the LCC and click on **Hosts**
1. Click on the desired **Host** that will open the Host window.
2. Click on **Tenable Plugins**.
1. Click on the **Tenable Plugins** tab and search for the number 153588 in the **Search** field
1. We can see that the ID 153588 is no longer present in the Plugin ID column.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.linuxcontrolcenter.com.br/en/configs-integrations/integrations/tenable/security-center.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.