Enterprise Recon 2 requirements

Introduction

This article shall list down the basic requirements and prerequisites for setting up Enterprise Recon 2.

 

Hardware Requirements

Enterprise Recon is supplied as a fully contained virtual appliance ("the Master Server") that can be installed either on bare metal or within common virtualisation environments, including Hyper-V, Parallels, VMWare, and Xen. Though not absolutely required we strongly recommend the installation of agents on individual scan targets; these are available for most common operating systems (including AIX, FreeBSD, HPUX, Linux, macOS, Solaris, and Windows).

The hardware requirements for the Master Server are dependent on the number of scan targets and the number of concurrent scans, as well as the number of matches returned. As the latter value is difficult to predict in advance we recommend the following approximate specifications:

 

Concurrent scans No. of Targets Disk usage/5 years Memory
2 50 40 GB 8 GB
5 100 40 GB 8 GB
10 200 48 GB 8 GB
50 500 64 GB 8 GB
100 500 64 GB 8 GB
100 1000 128 GB 8 GB
200 2000 192 GB 12 GB
500 3000 256 GB 16 GB

* Figures shown are estimates
** Please contact us to inquire on larger-scale requirements

The Master Server specifications have minimal impact on scanning throughput. Performance of scans is typically limited by the disk I/O on target machines.

 

 

Network ports requirements

Basic Master Server deployment

The following network ports are required for a simple Master Server deployment with Agent-based file scanning.

Source Destination Port Comments
System running Web Console Master Server 80, 8080, 443 Web Console access
Master Server updates.groundlabs.com 8843 Ground Labs update servers

Node Agent & live scans

The following network ports are required at the Node Agent level and covers all live scanning scenarios.

Source Destination Port Comments
Master Server Node Agent  11117 Master Server will only initiate communication with Node Agent when relaying Scan Schedule instructions.




Node Agent




      
Master Server  11117  
Windows host(using proxy Agent) 135, 139 Windows RPC enabled via WMI
Unix host (using proxy Agent) 22 SSH
HTTP 80 Website scan
HTTPS 443 SSL Website scan
IMAP 143  
IMAPS 993  
Remote fileshare 135, 139 Windows RPC enabled via WMI
MySQL DB 3306  
MS SQL DB 1433   
Oracle DB 1521  
IBM DB2 1433  
Postgre SQL DB 5432  
Microsoft Exchange 135   
Office 365 443   
login.live.com 443 OneDrive authentication server
apis.live.net 443 OneDrive files & folders API server
www.dropbox.com 443 Dropbox authentication server
api.dropboxapi.com 443 Dropbox account info
content.dropboxapi.com 443 Dropbox file retrieval
api.box.com 443 Box.NET API
<BUCKET NAME>.s3.amazonaws.com 443 Amazon S3
<ACCOUNT NAME>.blob.core.windows.net 443 Azure BLOB
<ACCOUNT NAME>.table.core.windows.net 443 Azure Table
<ACCOUNT NAME>.queue.core.windows.net 443 Azure Queue

 

Services

Below are links to articles with requirements & guides to their respective services.

 

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.