Configuring Acunetix 360 for Amazon Web Services

Acunetix 360 can be configured to run scanner agents on Amazon Web Services (AWS). When you launch a new scan, Acunetix 360 will create a new instance for the target scan and terminate it automatically once the scan is completed.

Once this setup is completed, you can configure Cloud Provider Settings.

AWS Configuration

First, you need to install and configure the scanner agent on an EC2 instance and then create a machine image (AMI) to use it as a base instance.

Each stage of this process is outlined below:

  1. Selecting a Region
  2. Creating S3 Buckets
  3. Creating IAM Users
  4. Creating an AMI for Scanner Agent
  5. Configuring Acunetix 360

Selecting a Region

Acunetix 360 uses AWS S3 for storage needs and EC2 for launching new instances.

if_Gnome-Dialog-Information-64_55568.png

Information

S3 and EC2 resources need to be in the same AWS region. For that reason, please choose an AWS region and create all resources in that region.

How to Select a Region

For information on how to select a region, see Amazon EMR documentation, Choose an AWS Region.

Creating S3 Buckets

Acunetix 360 needs three different buckets to store scan data.

How to Create S3 Buckets
  1. Open the AWS console and navigate to the S3 service.
  2. Create 3 buckets for screenshots, raw scan data and customizations. For example, you can use bucket names like this:
  • exampleinc.acx.scandata (for raw scan data)
  • exampleinc.acx.scanscreenshots (for screenshots)
  • exampleinc.acx.customizations (for customizations)

Creating IAM Users

Next, you must create IAM Users.

How to Create an Access Policy for the Web Application
  1. Go to the AWS console and navigate to the IAM service.
  2. Click Policies.
  3. Click Create Your Own Policy.
  4. Enter a policy name (e.g. ACXWebAppPolicy).
  5. Enter your bucket names to the policy template below (click to view) and paste it into the Policy Document field.

  1. Click Create Policy.
How to Create an Access Policy for the Scanner Agent
  1. Click Policies.
  2. Click Create Your Own Policy.
  3. Enter a policy name for scanner agent (e.g. ACXAgentPolicy).
  4. Enter your bucket names to the policy template below (click to view) and paste it into the Policy Document field.

   

  1. Click Create Policy.
How to Create a User for the Web Application
  1. Click Users.
  2. Click Add User.

  1. Enter a user name (e.g. ACXWebApp).
  2. In the Access type field, select Programmatic access, and click Next.

  1. Click Attach existing policies directly.
  1. Select the previously created web app policy.
  2. Click Next to create the web app user.
  3. Save the access and security key (you will need it later).
How to Create a User for the Scanner Agent
  1. Click Users.
  2. Click Add User.
  3. Enter a user name (e.g. NCAgent).
  4. Select Programmatic access for Access Type and click Next.

  1. Click Attach existing policies directly.

  1. Select the previously created scanner agent policy.
  2. Click Next to create the scanner agent user.
  3. Save the access and security key (you will need it later).

Creating an AMI for the Scanner Agent

There are three steps to this process:

  1. Launching an Instance for the Scanner Agent
  2. Configuring the Scanner Agent Instance
  3. Creating a Scanner Agent Image

Launching an Instance for the Scanner Agent

First, you need to launch an instance for a Scanner Agent.

How to Launch an Instance for a Scanner Agent
  1. Navigate to the EC2 service.
  2. From the main menu, click Instances.
  3. Click Launch Instance.
  4. Select Microsoft Windows Server 2012 R2 Base as AMI.

  1. Click Choose Instance Type and select an Instance Type (c4.large is recommended).

  1. Click Configure Instance.

  1. Set the Auto-assign Public IP dropdown to Enable. (This is needed for RDP connections.)
  1. Click Next: Add Storage and set the Disk Size (a minimum of 30 GB is recommended).
  2. Click Next: Add Tags.
  3. Click Next: Configure Security Group.
  4. Click Review and Launch.

Configuring the Scanner Agent Instance

Next, you need to install the Acunetix 360 Scanner Agent to the target EX2 instance.

How to Configure a Scanner Agent Instance
  1. Navigate to the EC2 service.
  2. From the main menu, click Instances.
  3. Right click the previously launched scanner agent instance, and click Connect.

  1. Connect to your instance with the supplied RDP information.
  2. Ensure you can connect to your on-premises Acunetix 360 web application from this instance.
  3. Download AgentSetup.exe to your instance.
  4. Run AgentSetup.exe and install the scanner agent.
  5. Start a command prompt and type: cd C:\Program Files (x86)\Acunetix 360 Agent

  1. By default, the scanner agent is not configured to run in AWS. Type this command to uninstall scanner agent windows service: Acunetix.360.Agent.exe /u.

  1. Open the agent’s configuration file with a text editor: C:\Program Files (x86)\Acunetix 360 Agent \Acunetix.360.Agent.exe.config.
  2. Navigate to <acunetix> section and set agentType to Cloud.
  3. Save Acunetix.360.Agent.exe.config file.
  4. Type this command to re-install the scanner agent windows service: Acunetix.360.Agent.exe /i

  1. The installed agent's Windows Service’s Startup Type will be 'Manual' (it must stay that way).

Creating a Scanner Agent Image

Next, you need to create an AMI that will be used as a base image for new scans.

How to Create a Scanner Agent Image
  1. Open Ec2LaunchSettings on your agent instance.

  1. Enable Handle User Data.

  1. In the Specify field, enter an RDP password.
  2. Click Shutdown with Sysprep.

  1. Open the EC2 instances page on the AWS console.
  2. Wait for the agent instance to be stopped.
  3. Once the agent instance has stopped, right click on it, and click Create Image. Enter a name for your image and click Create Image.

  1. Navigate to the AMIs page and save your AMI ID (you will need it later).

Configuring the Acunetix 360 Web Application

Next, you need to configure your AWS settings.

How to Configure the Acunetix 360 Web Application
  1. Make an RDP connection to your Acunetix 360 web application server.
  2. Log in to Acunetix 360.
  3. From the main menu, click Settings, then Cloud.
  4. Enter your AWS settings. (The Deployment Bucket Name field is not required. You can enter a dummy value.)
  • You can find the settings for the Instance Type, Subnet ID and Key Pair Name in your stopped instance’s details in AWS.
  • Click Security Group to get the Security Group id. (e.g. sg-abc3fec2)

  1. You can now run new scans on your AWS environment.

Updating the Web Application

Next, you need to update the web application.

How to Update the Web Application
  1. From the main menu, click Settings, then License.
  2. Click Check for Updates. Download the latest version.
  3. Run WebAppSetup.exe to update the web application to the latest version.

Updating Scanner Agent

Next, you need to update the Scanner Agent.

How to Update the Scanner Agent
  1. In the AWS EC2 console, open the AMI page. Right click on your current scanner agent’s AMI and launch an instance.
  2. Once your scanner agent instance is ready, make an RDP connection to it.
  3. Download the latest AgentSetup.exe to the scanner agent instance.
  4. Once the new scanner agent is installed, create a new AMI of your instance as described in How to Create a Scanner Agent Image.
  5. Next, log in to Acunetix 360. From the main menu, click Settings, then Cloud Provider Settings.

  1. Enter your new AMI and click Save.

 

« Back to the Acunetix Support Page