My company is having a thorough pen test done in August but I have been asked to conduct one before then so we have an idea where we are until then. I have read a lot about Nessus, nmap and other tools that can be used. I have downloaded Nessus, but I'm a little uncertain as to how it needs to be configured in order to test our network from the outside and then where to go from there. I've read that it is a client/server config - does this mean I need a server set up on the inside of the firewall? Does Nessus do security scanning on network equipment or the servers behind the equipment? The documentation didn't help me too much - maybe it's just me :)
We are using Cisco's ASA5510 and there are about 7 servers being NAT'd through. I just want to make sure the ASA is doing what it's supposed to along with the servers.
Anyway... any help with this would be greatly appreciated!