Installation Requirements

Owned by Andy Trayler
Jul 03, 2018

It is highly recommended that you provide a dedicated server for the installation. When the Scan Engine is sharing an environment with other applications, you must ensure that sufficient resources are available for the duration of the scan. SQL Server should be installed on a separate server.

Hardware Requirements


Component

Physical Recommended

Physical Minimum

Recommended if using a VM

Minimum if using a VM

CPU Physical

2 x 2.6GHz Dual Core CPU

1 x 2.4GHz Dual core CPU

4 x 2.6GHz vCPU

2 x 2.4GHz vCPU

RAM (Available)

8GB

4GB

8GB

4GB

HDD This storage is scaled for an estate scan of 4000 devices with full logging enabled.

260MB + SQL DB data (60GB) + 10GB Logs

260MB + SQL DB data (60GB) + 10GB Logs

260MB + SQL DB data (60GB) + 10GB Logs

260MB + SQL DB data (60GB) + 10GB Logs

Additional Disk for 3rd Party Libraries

1 Gb

1 Gb

1 Gb

1 Gb



Software Requirements

The Scan Engine runs on a Windows Server using MS SQL Server as its data repository and IIS for its presentation layer. The Windows Server hosting the scan engine service must be configured to trust Thawte digital signatures.

Requirement

Minimum

Recommended

 

Common

Windows Server 2012

Windows Server 2012 R2

 

 

.NET Framework 4.5.1

.NET Framework 4.5.1

 

 

SQL Server 2012 Express Service Pack 3 applied The recommended SQL Server Collation setting is Latin1_General_CI_AS

SQL Server 2012 Standard 64-bit Service Pack 3 applied The recommended SQL Server Collation setting is Latin1_General_CI_AS

 

Browser

IE 10

IE 11

 

SQL Server User Permissions

Installation:

  • Provide a SQL SERVER user or Active Directory account that has 'CREATE ANY DATABASE' (dbcreator) server permission.
  • The provided user will become the db_owner of the Scan Engine database (if it doesn't already exist).

    Run-Time: At run time, the user identity is remembered from the installation step
  • the user supplied at install time must have VIEW ANY DEFINITION and VIEW SERVER STATE permission.
  • if the user supplied at install time is not db_owner – user requires db_readdata and db_writedata. This scenario is only likely to occur if additional scan engine(s) are installed that share a SQL server Scan Engine database; a different SQL Server installation user could be provided to access the existing Scan Engine Database.

    Upgrade:
  • Supply a user with the db_owner role and with VIEW ANY DEFINITION and VIEW SERVER STATE permission.

 

 

Interface

IIS Server v8.0 with ASP.net (which must be pre-installed)
See 3.4 IIS Requirements in this document for full description of IIS requirements_IIS_Requirements_2

 

IIS Server v8.0 with ASP.net (which must be pre-installed)
See 3.4 IIS Requirements in this document for full description of IIS requirements_IIS_Requirements_2

 

IIS Default Web site must be present prior to installation.

 

IIS Default Web site must be present prior to installation.


NOTE: Although not a requirement it is strongly recommended that before an installation that a certificate and https binding be configured for the Default Web Site for the SLL flag to be set through the installation process.

Standard SQL Server Configuration

The Scan Engine database components are installed into a Microsoft SQL server instance. The installation of SQL Server database should follow the installation instructions supplied by Microsoft.
The following configuration changes are required:

  1. The database user account that is used for installing the scan engine should have elevated privileges (with the ability to create a new database).
  • Installation requires a database user that has dbcreate permissions.
  • If the database does not exist, creating the DB will mark the selected user as a member of dbowner.
  • For the scan engine, the database user that is selected during the installation process will continue to be used as the Application login identity for the database. The selection of the 'SA' account is, therefore, not recommended.
  1. The database logging should be configured to simple by default.
  2. It is recommended that the database growth interval be changed to 256MB (for Database and Logs).
  3. The .NET CLR option in SQL Server must be enabled for the scan engine to function correctly:

    sp_configure @configname=clr_enabled, @configvalue=1GORECONFIGURE GO

    NOTE: It is recommended that SQL Server Profiler option is enabled as part of the SQL Server installation; it is a useful troubleshooting tool.