This guide will take you to the process of configuring an Internal Scanner Standalone VM on a certain instance.
An Internal Scanner is a decoupled scan engine that can allow Footprint to scan internal ranges and services that you do not want exposed to the internet.
You can configure an internal scanner either by:
📥 Downloading the installer and configuring the service yourself
💻 Installing a ready-made virtual machine and configuring it
This guide will show the steps to configure a ready-made virtual machine.
📥 Downloading the virtual machine
From the Footprint console, go to SCAN SURFACE in the main menu:
Once here, go to the SETUP SCANNERS menu option:
Once here, you will be presented with a brief overview of what an internal scanner is, as well as some required information:
🌐 Footprint Management URL: This is the URL of your Footprint instance
🔑 Internal Scanner Token: This is the token that you will use to authorize the internal scanner on your instance.
You can download the virtual machine in one of two flavors:
Image type | Hypervisor type | Supported versions |
|---|---|---|
VMDK Image | VMWare | VMWare Fusion > 14 VMWare Player > 14 VMWare Workstation > 14 |
VHD Image | Hyper-V | Windows 8 or greater |
Manual download links:
OVA Virtual Machine (5GB): https://update.codacloud.net/is/vm/IS-Full.ova
Hyper-V Virtual Machine Gen 1 (5GB): https://update.codacloud.net/is/vm/IS-Full.hyv.zip
VMWare VMDK Disk (5GB): https://update.codacloud.net/is/vm/IS-Full.vmdk.zip
Microsoft Hyper-V VHD Disk (5GB): https://update.codacloud.net/is/vm/IS-Full.vhd.zip
QEMU Image (qcow2 format - 6GB): http://update.codacloud.net/is/vm/IS-Full.qcow2.zip
🔧 Installing and configuring the scanner
Once you have downloaded the appropriate image for your hypervisor type, you will need to create a new virtual machine for the scanner.
Hyper-V
Start the Hyper-V Manager and go to ACTION ➡ NEW ➡ VIRTUAL MACHINE :
Follow the steps in the Virtual Machine wizard, assigning a name to the machine:
When prompted to select a generation, select GENERATION 1 :
Next, assign desired memory for the virtual machine. The minimum amount for a /24 scan is 4096MB (4GB).
Higher workloads may require more memory. We recommend leaving the USE DYNAMIC MEMORY checkbox selected.
With regards to networking, the Default Switch usually works fine:
When reaching the Connect Virtual Hard Disk step, select Use an existing virtual hard disk, select BROWSE and navigate to the downloaded VHD file:
Hit finish to complete the VM creation process:
The Virtual Machine will appear in your manager’s list:
To start the machine, double click it and click on the START button. This will boot up the machine and, after a few minutes, you will see the login screen of the VM:
VMWare
For the VMWare setup example, we will use the VMWare Workstation 16 Player. The setup process will be similar on other VMWare products.
First up, open VMWare Player and click on Create a New Virtual Machine:
In the New Virtual Machine wizard, select I will install the operating system later:
On the Guest Operating System page, select Linux and Ubuntu:
Give a name to the virtual machine and select the location where you want it to be stored:
On the next screen, keep the default options and select Store virtual disk as single file. We will not use the disk VMWare creates for us, but it is a required step in order to create a new VM.
Don’t worry about disk space use - the disk we create here won’t use any space because we won’t write anything to it.
On the final screen, hit FINISH to create the new machine:
Note: Make sure that you have at least 2 CPU cores, 8GB RAM and 80GB storage.
With our VM being created, we now need to associate the downloaded VMDK file. Right click the virtual machine and select SETTINGS :
In the window that appears, remove the existing Hard Disk (SCSI) entry:
Next up, click on Add… in the lower left, and select Hard Disk:
Select SCSI in the next screen and click Next:
In the Select a Disk screen, select Use an existing virtual disk:
Hit Browse on the next screen and navigate to the downloaded VMDK file:
Hit Finish when done.
If asked whether to convert existing format, select Keep existing format
On the next screen, click OK to save your changes. In order to start the VM, double-click it.
If you get a warning regarding device sata0:1, select no on the prompt.
The VM will start and you will be presented with the login screen:
🔧 Configuring the Internal Scanner
Now that our Internal Scanner is up, we need to configure it in order to link it to our Footprint instance.
Manual, Static IP Address Configuration
Please consult this KB article.
Configuring the required network permissions (outbound)
Remember to allow access from the Scanner to the following outside world destination if there is any firewall involved.
Destination | Port | Protocol | Encrypted | Purpose |
|---|---|---|---|---|
443 | HTTPS | Yes | Footprint IS Automated Updates (optional, highly recommended) | |
443 | HTTPS | Yes | Footprint IS Alerting Service (optional, highly recommended) | |
443 | HTTPS | Yes | Footprint IS - Console Connectivity (mandatory) | |
5671 | SSL | Yes | Footprint IS - Console Connectivity (mandatory) |
🔒 Retrieving the necessary credentials
In the Footprint Console, navigate to Scan Surface → Setup Scanners. On this page, you will see the management URL and token right above the download buttons:
You can click the Copy button next to each of these in order to add them to your clipboard.
You can use the Clipboard History feature to store multiple elements in your Clipboard. Access it via the Windows + V shortcut.
Setting up the credentials
Navigate to the URL listed on the internal scanner VM’s login screen (see above). You will see the following screen, displaying your scanner’s status:
Click the Configure button in order to input your credentials:
Label: a name that will identify this scanner in the console
Console URL: the URL of the Footprint console you are using (copy it from the Setup Scanners page)
Token: your account’s scanner token (copy it from the Setup Scanners page)
After configuring and clicking Save, the scanner will start registering with the console. This will take a few minutes, after which you will be able to see the scanner in your Deployed Scanners listing in the Footprint Console.
2 photos above show: status of the scanner controller (lef) and status in the Footprint platform (right)
After registering, the Internal Scanner needs to do a series of signature updates. These may take up to 15 minutes, in which the scanner will appear as Starting and you will not be able to use it to start new scans.
After the scanner is shown as Active, you are able to start new scans using it. Go to the Extend Area modal, input your scan targets and select your desired Internal Scanner using the dropdown in the footer:
That’s it! Your scanner will now process your inputs and you will be able to see your results in just a few minutes.
🔧 Troubleshooting
In case your IS does not successfully register to the console, please make sure the following steps are checked:
Log on to the IS VM Controller app (http://IS_INTERNAL_IP:8080) and check its status. Look for any warnings.
Check the time & date of the Virtualization Server Host & the Guest IS VM
Check the outbound connectivity of the IS VM to the required. Make sure it has network access to the required outside world as depicted above in the Required Network Permissions section. Please make sure the VM has network connectivity (IP address, subnet mask, default gw, dns servers) and that outbound traffic is allowed.
Make sure it has the minimum hardware resources required
If none of the above work, give us a call and we’ll be happy to support.
Comments
0 comments
Please sign in to leave a comment.