Scribd
Upload
203 views

Aegify Scanner Installation Configuration Guide

This document provides instructions for installing the Aegify Scanner software, configuring scan settings, and troubleshooting potential issues. It outlines system requirements, the installation process, required ports and firewall rules, how to set up and schedule scans, and solutions for common scan failures. Key steps include downloading and running the installer, enabling .NET 3.5 and desktop features for Windows servers, whitelisting processes and ports, and ensuring sufficient system resources are available.

Uploaded by

Sudhakar Damacherla
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
203 views

Aegify Scanner Installation Configuration Guide

This document provides instructions for installing the Aegify Scanner software, configuring scan settings, and troubleshooting potential issues. It outlines system requirements, the installation process, required ports and firewall rules, how to set up and schedule scans, and solutions for common scan failures. Key steps include downloading and running the installer, enabling .NET 3.5 and desktop features for Windows servers, whitelisting processes and ports, and ensuring sufficient system resources are available.

Uploaded by

Sudhakar Damacherla
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 13

Aegify Scanner Installation and Scan Configuration Guide

Contents
1. System Requirements ..................................................................................................................... 2
2. Scanner Installation......................................................................................................................... 2
3. Prerequisites for running Scans ...................................................................................................... 4
4. Scan Setup ....................................................................................................................................... 5
5. Scan Failure Scenarios and solutions .............................................................................................. 8
6. Enable .Net 3.5 and Desktop Experience in Windows Server......................................................... 9
6.1 Windows Server 2008 R2 ........................................................................................................ 9
6.2 Windows Server 2012 ........................................................................................................... 10
7. Whitelisting IPs in some Network Firewall/UTM devices ............................................................. 12
7.1 Fortigate ................................................................................................................................ 12
7.2 Sonicwall ............................................................................................................................... 13

Confidential Page 1
1. System Requirements

i. 64-bit Operating Systems:


a. Microsoft Windows Server 2016
b. Microsoft Windows Server 2012 R2
c. Microsoft Windows Server 2008 R2
d. Microsoft Windows 8.1
e. Microsoft Windows 7 SP1
If you are using a Windows Server edition, enable .NET3.5 and Desktop Experience
features. Refer to step-by-step guide here to enable these two features.

ii. Hardware specifications:


a. Minimum 2 GHz processor
b. 8 GB RAM available
c. Minimum 10 GB available disk space
d. 100/1000 Mbps Ethernet Network interface

2. Scanner Installation
i. Login to app.aegify.com
a. Go to Security  Download Aegify Scanner
ii. Click on “Download Aegify Scanner”
iii. Right click on downloaded Aegify_Scanner.exe and Run As administrator
iv. Your computer may ask you to confirm that you wish to install. Click on Yes to continue.

v. Log in screen will appear. Log in using your app.aegify.com credentials.

Confidential Page 2
vi. The tool will then check and confirm that you have enough available memory, Microsoft .Net
Framework (3.5 or 4.0) software and the required port (40814) access. The tool will check the
first two requirements automatically. The vast majority of users will also meet the port

Confidential Page 3
requirement. If you are unsure, simply check the box and click on “Next”.

vii. Accept the terms of licence agreement and click on “Next”.


viii. Assign a name for your scanner installation. Assign Installation location by clicking on
“Browse” button or continue with default location and click on “Next”.
ix. Aegify Scanner installation will take a few minutes. When prompted, click “Finish
Installation”.

3. Prerequisites for running Scans


i. On the scanner machine, Anti-virus / Endpoint Security modules, allow traffic on port 40814.
ii. On the scanner machine, Anti-virus / Endpoint Security modules / Windows Defender,
whitelist the Aegify installation directory and the following EXEs located in it:
a. <Installation-Dir>\cpe\Agent\SGRC_Nx\nse\nseserv.exe
b. <Installation-Dir>\cpe\Agent\SGRC_Nx\nse\nxengine.exe
c. <Installation-Dir>\cpe\Agent\SGRC_Nx\nse\nmap\nmap.exe
d. <Installation-Dir>\cpe\Agent\SGRC_Nx\nse\nmap\winpcap-nmap.exe

Confidential Page 4
e. <Installation-Dir>\cpe\Agent\SGRC_OV\core\openvpn.exe
f. <Installation-Dir>\cpe\Agent\SGRC_OV\core\capiws.exe

iii. In the network UTM / IDS / IPS / Firewall systems, allow traffic to and from:
a. *.aegify.com
b. 23.21.184.198
c. 54.235.149.152
d. 54.235.149.253
e. 54.235.149.255
f. 54.235.255.182
g. 107.20.236.174
h. 52.22.126.29
i. 52.21.136.240
j. 138.128.240.253
Please note these IPs can change in the future.
iv. In the network UTM / IDS / IPS / Firewall systems, allow all traffic for from IP address of the
system on which Aegify Scanner is installed.

4. Scan Setup
i. Login to app.aegify.com
a. Go to Security  Aegify Scanner Management
ii. Select Scan Type – Internal Scan
iii. You will find a default Scan Configuration already created up on successful installation. The
scanner performs an asset discovery automatically on the subnet where it is installed.
iv. Click on the Scan Configuration already created for you. If a scan or asset discovery is in
progress, you cannot edit the scan configuration
a. You can edit Name/Description
b. Choose the scanner you want to use for this configuration.
c. Scan Template is selected by default (Recommended for first time scan). You can choose
other templates for other scan configurations, if you want.

Confidential Page 5
v. Click on “Schedule” tab in the same window.
a. Check the box “Enable Schedule”
b. Choose scan start time and Repeat frequency. Repeat frequency is not mandatory.

vi. Click on “Hosts” tab in the same window.


a. Enter IP addresses of systems to be scanned in Included Hosts box. This list can be
individual IP addresses entered one in each line or a range of IP addresses. Alternatively,
you can find automatically detected hosts in “Select Hosts from Here” box by selecting
clicking on “< Add” button.

Confidential Page 6
b. If you enter a range and would like to exclude some systems in it, enter those IP
addresses in the box “Excluded Hosts” box.

vii. Click on “Advanced Settings” tab in the same window.


a. Optionally setup admin credentials for the scanner to logon to the target systems and
report accurate system level information/vulnerabilities which cannot be detected over
the network without authentication.
b. Use Windows domain admin user credentials to get started with authenticated scans for
Windows environments. Click on Add button and select “Microsoft Windows/Samba
(SMB/CIFS” Logon type. Provide a Name, Domain, user name and password and click on
OK.

Confidential Page 7
viii. Click on “Save and Close” button.

ix. Scan process will start within 6 minutes and actual scan can take between 30 minutes and
several hours depending on the number of systems being scanned.

5. Scan Failure Scenarios and solutions


i. Discovery failed for 5 times
ii. Scan failed at step 2 of 10
iii. Scan failed at step 3 of 10
iv. Scan failed at step 5 of 10 and the scan engine pairing with server failed
a. Aegify services and processes are being terminated by antivirus / endpoint security /
Windows Defender. Ensure these security applications are configured to whitelist the
Aegify installation folder and the following EXEs in it:
o \cpe\Agent\SGRC_Nx\nse\nseserv.exe
o \cpe\Agent\SGRC_Nx\nse\nxengine.exe
o \cpe\Agent\SGRC_Nx\nse\nmap\nmap.exe
o \cpe\Agent\SGRC_Nx\nse\nmap\winpcap-nmap.exe
o \cpe\Agent\SGRC_OV\core\openvpn.exe
b. Port 40814 may be blocked by Antivirus, Firewall or Endpoint Security on the scanner
machine. Allow incoming traffic on this port.

Confidential Page 8
c. UTM / IDS / IPS or Firewall at the customer network perimeter is blocking the traffic
from the scanner machine to Aegify cloud servers. Ensure the traffic to and from the
following IPs is whitelisted.
o *.aegify.com
o 23.21.184.198
o 54.235.149.152
o 54.235.149.253
o 54.235.149.255
o 54.235.255.182
o 107.20.236.174
o 52.22.126.29
o 52.21.136.240
o 138.128.240.253
Please note these IPs can change in the future.
v. All the above settings are made and nseserv.exe is running fine during step-3 of 10. But
the scan failed at step 3 of 10:
a. Ensure a minimum of 6 GB free RAM is available out of the total memory for the scan
engine process to run.
b. Ensure port 40814 is not in use on the scanner machine

6. Enable .Net 3.5 and Desktop Experience in Windows Server

6.1 Windows Server 2008 R2


1. Open the server Manager
2. Select Features in the left side navigation tree
3. Ensure .NET Framework 3.5 is semi-selected and has (Installed) at the end of the feature text
4. Select Desktop Experience
5. Click on Add required Features in the pop-up
6. Click on Install button
7. Wait for the installation to complete and restart the machine.

Confidential Page 9
6.2 Windows Server 2012
1. Open the server Manager
2. Select Add roles and Features options, and go to the Features
3. Select .NET Framework 3.5 (includes .Net 2.0 and …)
4. Select Desktop Experience under User Interfaces. Click on Add required Features in the pop-
up shown on selecting desktop experience
5. Click on Install button
6. Wait for the installation to complete and restart the machine.

Confidential Page 10
Confidential Page 11
7. Whitelisting IPs in some Network Firewall/UTM devices

Please note:

Network security devices might have Firewall, IPS, Web Filter, Content Filter modules. Whitelisting in
all these modules is required.

Check the product links below how to whitelist IPs. There could be some variations in the user
interface of other devices in the same product family.

7.1 Fortigate
http://help.fortinet.com/coyotepoint/10-3-3a/Content/Protection/Whitelists_and_Blacklists.htm

http://help.fortinet.com/fweb/582/index.htm#FortiWeb/fortiweb-
admin/global_object_white_list.htm?Highlight=white

Confidential Page 12
7.2 Sonicwall
Firewall Access Control Lists

https://www.sonicwall.com/en-us/support/knowledge-base/170503532387172

If Intrusion Prevention System (IPS) module is enabled:

https://www.sonicwall.com/en-us/support/knowledge-base/170503503654835

If Content Filtering System(CFS) module is enabled:

https://www.sonicwall.com/en-us/support/knowledge-base/170503866422777

******

Confidential Page 13

You might also like