This article shall serve as a step-by-step guide on setting up a local file-system scan from scratch.
This guide assumes you are a new user who've just installed Enterprise Recon on your Master Server and looking to scan a Windows workstation (hereby dubbed, 'Target A').
Adding a Target
Firstly, we need to install a Node Agent on Target A and then add it as a Target in Enterprise Recon.
- Login to your Enterprise Recon web console by entering the IP Address shown on your Master Server into your web browser's address bar
- Once logged in, head over to the 'Node Agent Downloads' page located under the 'Downloads' section by the left bar
- Download & install the respective Node Agent package for your system
Make sure to verify the Node Agent in your ER web console after installation
For more information, visit this article
- If all goes well, Target A should now be listed as a Target under the default group
- From the Dashboard, start a new search
- Expand the default group and select Target A, then click 'Next'
For more information about adding a new Location, visit this article
- On this page, choose the type of data you wish to search for and click 'Next'
If you click on the 'Add' button, you may create your own Data Type Profile, implement Filter Rules, as well as enable additional features, for more information visit this article
- This page is where you set the scan to run immediately or schedule for later
You can also set the scan to repeat itself using the 'How Often' drop-down menu
Notifications may also be sent via email by selecting 'Notify' beside 'After Search'
Under 'Advanced Options', you can configure the scan to pause during specific time/days (enter 24h format), change the 'CPU Priority', 'Limit Data Throughput' as well as enable 'Scan Trace'
Once you're done, hit 'Next'
- Confirm your details and click 'Start Scan'
Scanning via proxy Node Agent
Now that you've successfully added and scanned Target A, you may use the Node Agent installed in Target A to scan other Targets!
However, please note that each Node Agent can only be used to scan their respective OS.
(Windows Agent for Windows Targets, Linux Agent for Linux Targets, etc.)
With the exception of the Windows Database Runtime Agent which can scan Databases across any OS as well.
To use Target A as a proxy Node Agent to scan other Windows Targets, follow these brief instructions:
- In your Enterprise Recon web console, start a new search
- You will first have to add your new Windows Target
If you've configured ER to scan your network range, you should see a list of 'Discovered Targets', you may browse and select the Windows system you wish to scan next from here
Otherwise, click on 'Add Unlisted Target' and enter the hostname of your new Target
- Select to scan 'All local files' then click 'Done' and 'Next'
- In the next step, choose to assign this Target to a Group, then specify the OS of your new (Windows) Target
Then tick the 'Would you like to search this target without installing an agent on it' checkbox
Input the appropriate logon credentials for your new Target
At the bottom, 'Agent to act as proxy host', choose Target A
- Proceed with the rest of the steps and scan
How to change proxy Node Agent
If you'd like to use another proxy Agent on an existing Target, simply go to your 'Targets' page, hover your mouse over the Target in question and click the settings icon to the right of it.
Select 'Edit Target' and then the 'Change Credentials' tab.
You may also stop using a proxy Node Agent by un-checking the 'Would you like to search this target without installing an agent on it' checkbox.
All information in this article is accurate and true as of the last edited date.