Deployment of additional scanning machines – PortSwigger


When you first installed Burp Suite Enterprise Edition, you probably chose to run the Enterprise Server and the Web Server on the same machine where you run the scans. However, running too many concurrent scans on the same scanning machine can cause performance issues. In this case, you may want to deploy one or more dedicated scanning machines to lighten the load on your Enterprise server machine.

Note

This page explains how to set up fixed scan machines as part of a standard deployment. For more information about using cloud-based autoscale analytics, see Managing Autoscale Analytics Resources.

Setting up a new scanner

The process of setting up a new scanning machine uses the same installer you used for the initial installation of Burp Suite Enterprise Edition. However, you may need to download a different installer if your intended scanning computer uses a different operating system.

Note

Make sure the Enterprise server can connect to https://portswigger.net throughout the scanning machine setup process. This is required for the system to activate the new scanning machine.

  1. On the machine you want to use, log in to your account page at portswigger.net.

  2. Under “Your licenses and products”, download the installer for the same version of Burp Suite Enterprise Edition that is installed on your Enterprise server machine.

  3. Open the installer and follow the same process as when installing Burp Suite Enterprise Edition. When asked what you want to use the machine for, deselect Running Enterprise Server and Web Server and select Running scans.

  4. When prompted, enter the hostname or IP address of the machine where you previously installed the Enterprise Server. External scanning machines automatically access the Enterprise server on port 8072.

  5. When the installation is complete, you receive a fingerprint of the scanning machine’s public key. Keep a record of it; you need it later to authorize the new scanner.
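A connectivity pre-flight for the two network requirements above (scanning machine to the Enterprise server on port 8072, Enterprise server to portswigger.net over HTTPS), as an added example that is not PortSwigger's code. The function names, the `scanner`/`server` role labels and the `enterprise.example.internal` hostname are assumptions made for illustration.

```python
import socket
import sys

ENTERPRISE_PORT = 8072                 # from the page: port scanning machines connect to
ACTIVATION = ("portswigger.net", 443)  # from the page: HTTPS, so TCP 443

HINTS = {
    "open": "reachable",
    "dns-failure": "name does not resolve; check DNS or use the IP address",
    "refused": "host answered but nothing is listening; check service and address",
    "timeout": "no answer; a firewall is probably dropping the traffic",
    "unreachable": "no route to the host",
}

def probe(host, port, timeout=5.0):
    """Classify one outbound TCP attempt so a failure points at its likely cause."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.gaierror:
        return "dns-failure"
    except ConnectionRefusedError:
        return "refused"
    except (socket.timeout, TimeoutError):
        return "timeout"
    except OSError:
        return "unreachable"

def targets_for(role, enterprise_host):
    """'scanner' = run on the new scanning machine, 'server' = run on the Enterprise server."""
    if role == "scanner":
        return [(enterprise_host, ENTERPRISE_PORT)]
    if role == "server":
        return [ACTIVATION]
    raise ValueError("role must be 'scanner' or 'server'")

def preflight(role, enterprise_host, timeout=5.0):
    return [(h, p, probe(h, p, timeout)) for h, p in targets_for(role, enterprise_host)]

if __name__ == "__main__":
    # Usage: python preflight.py scanner|server <enterprise-host>
    role = sys.argv[1] if len(sys.argv) > 1 else "scanner"
    host = sys.argv[2] if len(sys.argv) > 2 else "enterprise.example.internal"  # placeholder
    results = preflight(role, host)
    for h, p, state in results:
        print(f"{h}:{p} -> {state}: {HINTS[state]}")
    sys.exit(0 if all(s == "open" for _, _, s in results) else 1)
```

The check opens direct TCP connections only, so it reports a failure on networks where outbound traffic must pass through an HTTP proxy.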

Note

For a single deployment of Burp Suite Enterprise Edition, you only need one license. It doesn’t matter how many scan machines you deploy or how many scans you run. However, if you wish to deploy Burp Suite Enterprise Edition in multiple environments, you must purchase a separate license for each environment. This also applies to test, development or staging environments, for example.

If you have any questions about your licensing requirements, please contact our customer support team at [email protected]

Authorize new scanner

Communication between the scanners and the Enterprise Server is protected by mutually authenticated TLS. When you set up a new scanning machine, it generates a unique fingerprint, which acts as a public key, and sends an authorization request to your Enterprise server. When the Enterprise server receives an authorization request, it displays the fingerprint that was used in the TLS handshake. You compare this fingerprint with the one you recorded when setting up the new scanning machine, to confirm that the server is communicating directly with the genuine machine before you authorize it.

  1. Log in to the web UI as an administrator and navigate to the Scan device settings page.

  2. Under Authorization requests, you should see a pending authorization request showing the IP address of the new scanning machine (or, if NAT is used on the network, the IP address from which the scanning machine's connection was received) and the fingerprint of the public key.

  3. If you are using a standard deployment (as opposed to a Kubernetes deployment), choose the pool to which the scanning machine will belong. For details, see Managing scan pools.

  4. Compare the displayed public key fingerprint with the one you recorded after setting up the new scanning machine. If they match, click Allow.

This scanning machine is now available for use on the Scan device settings page and you can start assigning scans to it.
