Installing a Scan Agent Via Dockerization

If you want to scan a website in a demilitarized zone (DMZ), internal networks that are not publicly accessible, you can install Acunetix scan agents in your network.

  • You can install an Acunetix 360 scan agent on any operating system that has Docker.
  • Using Docker means you don't need to install redundant files like drivers or operating system kernels, for example. This is an alternative method for installing Acunetix 360 Scan Agents.


This topic explains how to install an Acunetix 360 scan agent on Windows, Linux, or MacOS operating systems using dockerization. The steps are the same for each operating system.


In this document, for illustration purposes, you may see some Linux images.

Prerequisites:

  • Docker. To find out if your OS has Docker installed, type the following code in the shell:

docker -v

  • Install .7z so that you can extract the downloaded .7z installation file.
  • Administrator privileges to run the required commands.

Downloading and Installing the Agent

You need to download the installation files of the agent to a machine on your internal network.

Information

Downloading the Docker agent to your on-premises environment? Please contact support@acunetix.com.

How to download a Scan Agent in Acunetix 360 On-Demand
  1. Log in to Acunetix 360.
  2. From the main menu, go to Agents > Manage Agents > Configure New Agent.

  1. From the Agent section, select Docker to download the required files to install the scan agent. After extracting the downloaded .7z file, you will have these files:
  • Installing a Scan Agent via Dockerization.pdf
  • Acx360_Scan_Agent.tar
How to install a Scan Agent in Acunetix 360
  1. Load the image file, run the following command:

docker load < Acx360_Scan_Agent.tar

After entering the previous command, the system will start to download the image. It may take some time. Once the download is complete, a welcome message is displayed.

  1. Now that the latest version of scan agent's Docker image is installed, the next step is to boot up a container.

docker run -d --name {container name} --restart=always

-v {log file path in host machine}:/app/Logs/

-e "ApiToken={api token}"

-e "ApiRootUrl={api url}"

-e "AgentName={agent name}"

-e "IgnoreSslCertificateErrors=false"

-e "NhsPort=8080"

agent:{tag}


The command docker run would boot up a container. This table lists and explains the parameters required to further configure the container.

Parameter

Description

-d:

This denotes daemon mode. The container will work in the background.

--name : 

This gives a name to the container.

--restart=always:

This makes the container start automatically when the Docker service starts.

-v :

The parameters mount a directory in the container with a directory in the host. This setting allows you to see agent reports.

-e:

This parameter is used to set the environment variable for the container. The ApiToken, ApiRootUrl, and AgentName settings will be used by the scan agent.

AgentName: This can be anything you want. This text will be displayed when you are starting a new Scan. (If you plan to install more than one instance of the agent, make sure you set a unique agentName value for each instance, as it will be needed later.)

ApiToken: In Acunetix 360, the Agent Token is displayed in the Configure New Agent window. Copy this value into the apiToken.

ApiRootUrl: This would be the URL of Acunetix 360 On-Demand or Acunetix 360 Web On-Premises.

IgnoreSslCertificateErrors: This would ignore any SSL certificate errors on the scan target website.

NhsPort: This port is used for Netsparker Helper Service. If the port is already used, please change with any available port.

agent:{tag}: 

This is the image name from which the container will be created. The name of the image is agent, whereas {tag} is the version number of the image. We use the latest in our case.


How to Get an Agent Token for the Scan Agent

From the main menu, go to Agents > Manage Agents > Configure New Agent. In the Agent Token field, click Copy to clipboard ().


  1. You can now execute the following command in order to create a container.

  1. After the command is executed, the container is created. To see the result, you can execute the command below.

docker container ls

  1. The scanner agent container is now installed. You can check its status in Acunetix 360. From the Agents menu, select Manage Agents.

Now you can start a scan through the scan agent you just installed. To do that navigate to Scans > New Scan and select a website that agent mode is Internal. Then with other settings that required to start a scan, we can also select which agent would be used to scan the target:

« Back to the Acunetix Support Page