Where is the "best" logical/physical position for a Nessus scanning machine? In front of, behind or beside (DMZ) the firewall? When it's behind the firewall it generates quite a bit of noise with default "passthrough" DENY and LOG rules. That's fine, I just want to be sure the firewall isn't dropping something that the scanner needs. Perhaps in a DMZ with an "allow everything out and established"?
Thanks.
