SUPPORT

24/5 Hotline Support Service

+44 (0)20 3588 3841

Open a Support Ticket

support@netsparker.com

Installing and Configuring Netsparker Enterprise On-Premises

Netsparker Enterprise is comprised of three parts.

All Netsparker editions support IPv6 both as servers and agents. This means you can configure Netsparker Enterprise On-premises server to use IPv6, and Netsparker Enterprise can scan websites that use IPv6.

Netsparker Enterprise Application Server

The Netsparker Enterprise Application Server provides the web interface that enables the efficient administration and automation of scans. This is the application that users will see and use via the Netsparker Enterprise UI.

Netsparker Enterprise Agent

Netsparker Enterprise Agent is a service application that executes scans and informs the Netsparker Enterprise Application Server of the results.

Netsparker Enterprise Authentication Verifier

Netsparker Enterprise Authentication Verifier is a service application that verifies form-based login authentication configuration. This is an optional component. If you are scanning websites that do not require form authentication, you don’t need to install it.

If you need help during installation, please contact support@netsparker.com.

Prerequisites

This section lists the minimum requirements for installing Netsparker Enterprise On-Premises.

Minimum Requirements for Netsparker Enterprise Application Server

All components (Netsparker Enterprise Application Server, Netsparker Enterprise Agent, Netsparker Enterprise Authentication Verifier and Database Server) can be installed on the same server, if the hardware meets the listed requirements.

We highly recommend that you install the Agents on separate servers, to maximise stability and performance.

Software Requirements

  • Windows Server 2012 or above (Windows Server 2012 R2 recommended)
  • Web Server (IIS) role should be installed on the server
  • IIS 8 or above (IIS 8.5 recommended)
  • .NET Framework 4.7.2

Hardware Requirements

  • 1 GHz Processor (2 GHz or faster recommended)
  • 1 GB RAM (4 GB or higher recommended)
  • 5 GB Free Disk space (20 GB or higher recommended)

Required Access for Installation

  • RDP credentials and access as a user with Administrator rights
  • Can be installed by a Netsparker Engineer (or the user) using the provided installer

Minimum Requirements for Netsparker Enterprise Agent

These are the minimum requirements for Netsparker Enterprise Agent.

Software Requirements

  • Windows Server 2012 or above (Windows Server 2012 R2 recommended)
  • .NET Framework 4.7.2

Hardware Requirements

  • 1 GHz Processor (2 GHz or faster recommended)
  • 1 GB RAM (4 GB or higher recommended)
  • 2 GB free disk space (5 GB or higher recommended)

Network Requirements

  • Agent needs to be able to access the Netsparker Enterprise Application Server’s HTTP(S) (443/80) port

Required Access for Installation

  • Installation of the Agent requires Administrator rights
  • Can be installed by a Netsparker Engineer (or the user) using the provided installer

Minimum Requirements for Netsparker Enterprise Authentication Verifier

These are the minimum requirements for Netsparker Enterprise Authentication Verifier.

Software Requirements

  • Windows Server 2012 or above (Windows Server 2012 R2 recommended)
  • .NET Framework 4.7.2

Hardware Requirements

  • 1 GHz Processor (2 GHz or faster recommended)
  • 1 GB RAM (4 GB or higher recommended)
  • 2 GB Free Disk space (5 GB or higher recommended)

Network Requirements

  • Authentication Verifier needs to be able to access the Netsparker Enterprise Application Server’s HTTP(S) (443/80) port

Required Access for Installation

  • Installation of the Authentication Verifier requires Administrator rights
  • Can be installed by a Netsparker Engineer (or the user) using the provided installer

Minimum Requirements for the Database Server

These are the minimum requirements for the Database Server.

Please note, the database is not provided by Netsparker. You must set it up yourself.

Software Requirements

  • Microsoft SQL Server 2008 or above (Microsoft SQL Server 2012 recommended)

Hardware Requirements

  • 1 GHz Processor (2 GHz or faster recommended)
  • 1 GB RAM (4 GB or higher recommended)
  • 2 GB Free Disk space (6 GB or higher recommended)

Network Requirements

  • Netsparker Enterprise Application Server needs to access this database server for the relevant port (1433 by default) or it needs to be on the same server

Required Access for Installation

  • Installation for configuring the Database Server requires either administrator or RDP access
  • Alternatively, database credentialsor database owner permissions are required, along with the Name of an empty SQL Server database
  • The Database Collation field should be configured as case insensitive

Downloading the Installer Files

The Installer files are conveniently downloaded in a .zip file.

How to Download the Installer Files

  1. Download the NetsparkerEnterprise.zip file you were emailed to your server
  2. Extract the .zip file to a directory
  3. Check that these four files are in the directory:
    • WebAppSetup.exe (Netsparker Enterprise Application Server installer)
    • AgentSetup.exe (Netsparker Enterprise Agent installer)
    • AuthVerifierSetup.exe (Netsparker Enterprise Authentication Verifier installer)
    • [company].nsc (License file)

Installing the Netsparker Enterprise Application Server

The Netsparker Enterprise Application Server is installed using a wizard.

How to Install the NC Application Server

  1. Run the WebAppSetup.exe file. The Netsparker Enterprise Web Application Setup wizard is displayed, and opens at the Ready to Install step.
  2. Click Install. The Installing Netsparker Enterprise Web Application step is displayed. Wait.

  1. The Completing the Netsparker Enterprise Web Application Setup Wizard step is displayed.

  1. Click Finish.
  2. Next, install Netsparker Enterprise Scanner Agent (see Installing Netsparker Enterprise Agent).
  3. Finally, install Netsparker Enterprise Authentication Verifier (see Installing Netsparker Enterprise Authentication Verifier).

Configuring Notification Settings

In the Netsparker Enterprise Application Server security scanner, you can configure SMS and email notifications to inform users instantly about the status of a web application security scan, or when specific vulnerabilities are identified on the web applications you are scanning.

To send invitations to new users or other email notifications you need to configure SMTP settings. You also need to have a Twilio account to be able to receive SMS notifications.

For further information, see Configuring Email and SMS Notification Rules.

How to Configure Notification Settings

  1. Login with an admin account.
  2. From the main menu, click Settings, then Email. The Email Settings window is displayed.
  3. Complete the form. If your SMTP server does not require a username and password, you can leave these settings empty.
  4. To configure your Twilio settings, from the main menu, click Settings, then SMS. The SMS Settings window is displayed.
  5. Complete the form.

Installing the Netsparker Enterprise Agent

The Netsparker Enterprise Agent is installed using a wizard.

How to Install the Netsparker Enterprise Agent

  1. Run the AgentSetup.exe file. The Netsparker Enterprise Agent Setup wizard is displayed, and opens at the Welcome to the Netsparker Enterprise Agent Setup Wizard step.
  2. Click Next. The Select Installation Folder step is displayed.

  1. Click Browse and select the installation folder.
  2. Click Next. The Agent Settings step is displayed.

  1. The Agent Name and API URL fields are already completed. (Agent Name can be configured to any value to help distinguish them from one another, and API URL should point to the WebApp URL.)
If you have already configured SSL/TLS for your NC Application Server, then you should enter that URL and ensure that you use HTTPS (for example: https://ncserver/).
  1. Complete the API Token field.
  2. Click Next. The Ready to Install step is displayed.

  1. Click Install. The Installing Netsparker Enterprise Agent step is displayed.

  1. Click Next. The Completing the Netsparker Enterprise Agent Setup Wizard step is displayed.
  2. Click Finish. The installation is complete.

Configuring Agent Selection

If you wish, you can select a specific agent while launching a scan.

How to Configure Agent Selection

  1. Login to the Netsparker Enterprise Application Server with an admin account.
  2. From the main menu, click Settings, then General. The General Settings window is displayed.

  1. Enable the Agent Selection Enabled checkbox and click Save.
  2. From the main menu, click Scans, then New Scan. The New Scan window is displayed.
  3. In the General tab, click the Preferred Agent dropdown and select an option.

  1. Complete the fields as required.

Installing Multiple Agents on the Same Operating System

If you want to install more than once agent on the same system, first install NC Agent as usual using the AgentSetup.exe file.

How to Install Multiple Agents on the Same Operating System

  1. Copy all files from the default Agent’s folder to new Agent’s folder. The default installation path is: C:\Program Files (x86)\Netsparker Cloud Agent.

For example, if you decided to use Agent-2 as the new Agent name, you could use this command to copy all files to new Agent’s folder:

xcopy "C:\Program Files (x86)\Netsparker Cloud Agent\*.*" "C:\Program Files (x86)\Netsparker Cloud Agent-2" /yie

This will create a new directory in C:\Program Files (x86)\Netsparker Cloud Agent-2 and copy in all the required files.

  1. Locate the new Agent’s folder and open the Netsparker.Cloud.Agent.exe.config file with a text editor. Set the new Agent’s name.

  1. Open a command prompt in Windows with Administrator rights and install the new Agent as a Windows Service using these commands:
    • This command changes the current folder to the new Agent’s folder:
      cd C:\Program Files (x86)\Netsparker Cloud Agent-2
    • This command installs the new Agent as a Windows Service:
      Netsparker.Cloud.Agent.exe /i
    • This command starts the new Agent’s Windows Service:
      Netsparker.Cloud.Agent.exe /s

Installing Netsparker Enterprise Authentication Verifier

The Netsparker Enterprise Authentication Verifier is installed using a wizard.

How to Install the Netsparker Enterprise Authentication Verifier

  1. First, run the AuthVerifierSetup.exe file. The Netsparker Enterprise Authentication Verifier Setup wizard is displayed, and opens at the Welcome to the Netsparker Enterprise Authentication Verifier Setup Wizard step.
  2. Click Next. The Select Installation Folder step is displayed.

  1. Click Browse and select the installation folder.

  1. Click Next. The Authentication Verifier Settings step is displayed.

  1. The API URL field is already completed. (It should point to the WebApp URL.)
  2. In the API Token field, enter your token. You can find this in API Settings.
  3. Click Next. The Ready to Install step is displayed.

  1. Click Install.

Securing Netsparker Enterprise

Now your Netsparker Enterprise installation is complete, you need to make it secure.

Configuring the SSL/TLS Certificate for Netsparker Enterprise Application Server

Unless your Netsparker Enterprise Application Server is configured to use HTTPS, the traffic between the Netsparker Enterprise Agents and Netsparker Enterprise Application Server will be in cleartext.

These instructions show you how to install your website certificate in Microsoft IIS.

https://comodosslstore.com/blog/ssl-certificate-installation-microsoft-iis-8-and-iis-8-5.html

How to Configure the SSL/TLS Certificate for Netsparker Enterprise Application Server

  1. Login to the Netsparker Enterprise Application Server with an admin account.
  2. From the main menu, click Settings,then General. The General Settings window is displayed.
  3. In the Server Root URL field,replace the protocol with ‘https’.
  4. If you have completed the SSL/TLS configuration before installing any of the Netsparker Enterprise Agents, then complete the following steps, because your configuration should already be correct.

If you need to go back and update your Agents, however, do the following:

      • Open Netsparker Enterprise Agent’s config file (default location is C:\Program Files (x86)\Netsparker Cloud Agent\Netsparker.Cloud.Agent.exe.config) and change the apiRootUrl to the new HTTPS link:

      • Restart the server on which the agent is installed. In order to accomplish a successful connection between the Agent and the NC Application Server, the HTTPS connection should contain no SSL/TLS errors. If you see any certificate errors, as illustrated, the agent will not be able to connect to the NC Application Server due to this SSL/TLS validation error:

You can install an internal trusted certificate on the Netsparker Enterprise Application Server and Netsparker Enterprise Agents. When both servers and visitors have this certificate, everything will work as expected.

Enabling Two-Factor Authentication

Netsparker Enterprise users can enable two-factor authentication. 2FA setup doesn’t require an online connection or transmit any kind of data to outside networks.

For further information, see Enabling Two-Factor Authentication.

Encrypting Connections to the SQL Server

Enabling SSL/TLS encryption increases the security of data transmitted between the SQL Server and Netsparker Enterprise Application Server. This is only necessary if the SQL Server is installed on a different server.

How to Encrypt Connections to SQL Server

  1. First, configure an SSL/TLS certificate for your SQL Server instance (see How to enable SSL encryption for an instance of SQL Server by using Microsoft Management Console).
  2. Next, from the main menu, click Settings, then Database. The Database Settings window is displayed.
  3. Enable the Encrypt Connection checkbox.
Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO