This article describes how to manually install the agent on a Windows device.

Step 1: Download the agent installer (but don't launch it)

  • Head to the Nessus agent download page: https://www.tenable.com/downloads/nessus-agents

  • Search for the relevant .msi installer file:
    Newer version of Windows: NessusAgent-X.X.X-x64.msi

    Older version of Windows: NessusAgent-X.X.X-Win32.msi

  • Download the installer and take a note of the path*
    (If this was downloaded from a browser, hit the dropdown button and click 'Show in folder'. You'll then be able to copy the path.)

Step 2: Calculate the DeviceName

Open the Targets page > Add Targets > Internal targets

Click 'View configuration keys'

Copy the 'Prefix'

Your DeviceName is comprised of your Prefix and your TargetName
(what you'd like the target to be named in the portal).

👇
DeviceName = Prefix_TargetName (eg. DQEGBQUAAAc_paul-laptop).


Step 3: Install and link the agent

Once you have the above information ready:

  • Open a Command Prompt (cmd.exe) as Administrator

  • Run the following command, making sure to update:

    • The path to where the installer was downloaded

    • The Key (see above)

    • The DeviceName (see above)

⚠️ Windows Server 2008 SP2, 7, 8.1 10 (32-bit)

msiexec /i "[the path to where the installer was downloaded]\NessusAgent-8.3.1-Win32.msi" NESSUS_SERVER="cloud.tenable.com:443" NESSUS_KEY=Key NESSUS_NAME=DeviceName /qn

⚠️ Windows Server 2008 SP2, Server 2008 R2 SP1, Server 2012, Server 2012 R2, Server 2016, Server 2019, 7, 8.1, and 10 (64-bit)

msiexec /i "[the path to where the installer was downloaded]\NessusAgent-8.2.4-x64.msi" NESSUS_SERVER="cloud.tenable.com:443" NESSUS_KEY=Key NESSUS_NAME=DeviceName /qn

⬇️ For example

msiexec /i "C:\Users\Intruder\Downloads\NessusAgent-8.2.4-x64.msi" NESSUS_SERVER="cloud.tenable.com:443" NESSUS_KEY=819652a91d674e8d5be08e21299f1a3c69bd9806c72e24bc05df6b32b8db7fe1 NESSUS_NAME=DQEGBQUAAAc_paul-laptop /qn


or

If you don't have the path to where the agent was downloaded, then you must be in the folder where nessuscli is installed. For reference, the default location would be:

Windows: cd "C:\Program Files\Tenable\Nessus Agent\"

  • Check that you're in the right directory

  • Open a Command Prompt (cmd.exe) as Administrator

  • Run the relevant command (per your OS), making sure to update:

    • The Key (see above)

    • The DeviceName (see above)

⚠️ Windows Server 2008 SP2, 7, 8.1 10 (32-bit)

msiexec /i NessusAgent-8.3.1-Win32.msi" NESSUS_SERVER="cloud.tenable.com:443" NESSUS_KEY=KEY NESSUS_NAME=DeviceName /qn

⚠️ Windows Server 2008 SP2, Server 2008 R2 SP1, Server 2012, Server 2012 R2, Server 2016, Server 2019, 7, 8.1, and 10 (64-bit)

msiexec /i NessusAgent-8.2.4-x64.msi" NESSUS_SERVER="cloud.tenable.com:443" NESSUS_KEY=KEY NESSUS_NAME=DeviceName /qn

⬇️ For example

msiexec /i NessusAgent-8.2.4-x64.msi" NESSUS_SERVER="cloud.tenable.com:443" NESSUS_KEY=819652a91d674e8d5be08e21299f1a3c69bd9806c72e24bc05df6b32b8db7fe1 NESSUS_NAME=DQEGBQUAAAc_paul-laptop /qn

or

If you're looking to streamline step 3, you can automatically populate half of the DeviceName by using your machine's existing name. To do this:

  • Check that you're in the right directory

  • Open a Command Prompt (cmd.exe) as Administrator

  • Run the relevant command (per your OS), making sure to update:

    • The Key (see above)

    • The prefix (see above)

⚠️ Windows Server 2008 SP2, 7, 8.1 10 (32-bit)

msiexec /i NessusAgent-8.3.1-Win32.msi" NESSUS_SERVER="cloud.tenable.com:443" NESSUS_KEY=KEY NESSUS_NAME==Your Prefix_%computername% /qn

⚠️ Windows Server 2008 SP2, Server 2008 R2 SP1, Server 2012, Server 2012 R2, Server 2016, Server 2019, 7, 8.1, and 10 (64-bit)

msiexec /i NessusAgent-8.2.4-x64.msi" NESSUS_SERVER="cloud.tenable.com:443" NESSUS_KEY=KEY NESSUS_NAME==Your Prefix_%computername% /qn

⬇️ For example

msiexec /i NessusAgent-8.2.4-x64.msi" NESSUS_SERVER="cloud.tenable.com:443" NESSUS_KEY=819652a91d674e8d5be08e21299f1a3c69bd9806c72e24bc05df6b32b8db7fe1 NESSUS_NAME==DQEGBQUAAAc_%computername% /qn


Step 4: Reboot your machine

Only applicable if you're on Windows 7 x64 Enterprise, Windows 8 Enterprise or Windows Server 2012.

Note: Internal vulnerability scanning is only available to Pro and Verified customers.

Did this answer your question?