This article shall list down the basic requirements and prerequisites for setting up Enterprise Recon 2.
Enterprise Recon is supplied as a fully contained virtual appliance ("the Master Server") that can be installed either on bare metal or within common virtualisation environments, including Hyper-V, Parallels, VMWare, and Xen. Though not absolutely required we strongly recommend the installation of agents on individual scan targets; these are available for most common operating systems (including AIX, FreeBSD, HPUX, Linux, macOS, Solaris, and Windows).
The hardware requirements for the Master Server are dependent on the number of scan targets and the number of concurrent scans, as well as the number of matches returned. As the latter value is difficult to predict in advance we recommend the following approximate specifications:
|Concurrent scans||No. of Targets||Disk usage/5 years||Memory|
|2||50||40 GB||8 GB|
|5||100||40 GB||8 GB|
|10||200||48 GB||8 GB|
|50||500||64 GB||8 GB|
|100||500||64 GB||8 GB|
|100||1000||128 GB||8 GB|
|200||2000||192 GB||12 GB|
|500||3000||256 GB||16 GB|
* Figures shown are estimates
** Please contact us to inquire on larger-scale requirements
The Master Server specifications have minimal impact on scanning throughput. Performance of scans is typically limited by the disk I/O on target machines.
Network ports requirements
Basic Master Server deployment
The following network ports are required for a simple Master Server deployment with Agent-based file scanning.
|System running Web Console||Master Server||80, 8080, 443||Web Console access|
|Master Server||updates.groundlabs.com||8843||Ground Labs update servers|
Node Agent & live scans
The following network ports are required at the Node Agent level and covers all live scanning scenarios.
|Windows host(using proxy Agent)||135, 139||Windows RPC enabled via WMI|
|Unix host (using proxy Agent)||22||SSH|
|HTTPS||443||SSL Website scan|
|Remote fileshare||135, 139||Windows RPC enabled via WMI|
|MS SQL DB||1433|
|Postgre SQL DB||5432|
|login.live.com||443||OneDrive authentication server|
|apis.live.net||443||OneDrive files & folders API server|
|www.dropbox.com||443||Dropbox authentication server|
|api.dropboxapi.com||443||Dropbox account info|
|content.dropboxapi.com||443||Dropbox file retrieval|
|<BUCKET NAME>.s3.amazonaws.com||443||Amazon S3|
|<ACCOUNT NAME>.blob.core.windows.net||443||Azure BLOB|
|<ACCOUNT NAME>.table.core.windows.net||443||Azure Table|
Below are links to articles with requirements & guides to their respective services.