Installing Internal Agents

In order to scan a website located on your internal network, and not accessible from the internet, you can install and configure a scan agent on your network. The agent will conduct the actual scan job and then report the results back to Acunetix 360.

There are three stages to this process:

  1. Download and configure the Acunetix 360 scanning agent
  2. Run the agent on your local network where it can reach the internal website you want to scan
  3. Define and scan your internal website

Download and Configuring the Scanning Agent

First, you need to download the installation files of the scan agent and install them on a machine in your internal network.

Prerequisites

  • Windows Server 2012 or above (Windows Server 2012 R2 recommended)
  • .NET Framework 4.7.2
  • 1 GHz Processor (2.0 GHz or faster recommended)
  • 1 GB RAM (4 GB or higher recommended)
  • 2 GB Free Disk space  (5 GB or higher recommended)

Network Requirements

  • Agent should be configured so that it can reach your internal website through HTTP/HTTPS
  • Agent needs to be able to access the Acunetix 360 Application Server’s HTTP(S) (443) port
How to Download and Configure the Scanning Agent
  1. Open Acunetix 360.
  2. From the main menu, click Agents, then Manage Agents. The Agents window is displayed.
  3. Click Configure New Agent. The Configure New Agent window is displayed.

  1. Click to download the Acunetix 360 Scanner Agent. Your Agent Token is also displayed.
  • Extract the contents of the zip file to C:\A360_Agent. (You can use another location, but these instructions will use this path.)
  • Open the C:\A360_Agent\Acunetix.Cloud.Agent.exe.config file with your preferred text editor.

  • You need to edit two attributes before running the agent, listed under 'configuration/invicti/settings' (line 10 by default)
  • agentName
  • This can be anything you want. This text will be displayed when you are starting a new Scan. (If you are going to install more than one instance of the agent make sure you set a unique agentName value for each instance, something you will remember later.)
  • apiToken 
  • In Acunetix 360, the Agent Token is displayed in the Configure New Agent window. Copy it into the apiToken.

  • Save and close the C:\A360_Agent\Acunetix.Cloud.Agent.exe.config file.

Setting Scanning Agent as a Windows Service

An internal scan agent should be configured as a Windows service, so that it can poll the Acunetix 360 servers regularly, and can take the scan initiation command from the server.

How to Set the Scanning Agent as a Windows Service
  1. Open a command prompt in Administrator mode and add 'cd' into C:\A360_Agent.
  2. Run the command below to install the Acunetix 360 Scanning Agent as a Windows Service:
  • Acunetix.Cloud.Agent.exe -i
  1. You should see the following output.

  1. Press Windows+R, type 'services.msc' and press Enter.
  2. Find 'Acunetix 360 Scanning Service - [YOUR_AGENT_NAME]'.
  3. Right click on it, and select Properties.
  4. Make sure Startup type is set to Automatic, and click Start.

if_Gnome-Preferences-System-64_55738.png

Warning

Please note that although this service is set to start automatically, it will not restart until the PC is restarted too.

  1. Click Apply and OK, then exit the Properties window.
  2. The Acunetix 360 Scanning Agent is now running on your network, shortly it will be registered to Acunetix 360.

  1. You can uninstall the Windows Service by specifying the -u argument instead of the -i argument used during the Installation process.

Auto-Update Support for Scanner Agents

Acunetix 360 On-Demand users can install Acunetix 360 Scanning Agents on their own network, while Acunetix 360 On-Premises users can use their own Agents with Acunetix 360 in their own environments.

  • When a new Agent version has been published, users can update their Agents manually using installation files on the machines on which Agents are installed. Alternatively, users can update Agents manually by clicking Update Agent (visible only when the Enable Auto Update is not configured and the new version of the Agent is available).

While the update is in progress, the State field will display 'Updating'.

  • Alternatively, enabling Auto Update means that when the new version of the Acunetix 360 Scanning Agent is available, the target Agent will update itself as soon as possible when it’s idle.

if_Gnome-Preferences-System-64_55738.png

Warning

The new Auto Update feature was implemented in the last agent release (May 2019), so you should manually upgrade to the latest Agent version one more time. After that, you can use Auto Update.

How to Enable Automatic Agent Updates
  1. From the main menu, click Agents, then Manage Agents.

  1. Next to the relevant Agent, click the Command dropdown and select Enable Auto Update.
How to Disable Automatic Agent Updates
  1. From the main menu, click Agents, then Manage Agents.

  1. Next to the relevant Agent, click the Command dropdown and select Disable Auto Update.

Defining an Internal Website in Acunetix 360

Now, you have installed scan agents into your infrastructure, you should configure Acunetix 360 to let it know which websites should be scanned with an internal agent rather than with the built in-agents.

How to Define an Internal Website in Acunetix 360
  1. Open Acunetix 360.
  2. From the main menu, click Websites, then New Website. The New Website window is displayed.
  3. Enter your internal website details (see Adding a Website in Acunetix 360).
  4. From the Agent mode field, select Internal.

  1. Click Save. The Websites window is displayed.

  1. Next to the Internal Website you have created, click Scan. The New Scan window is displayed.

  1. From the Target URL field, select your Internal Website (if the field is not already populated).
  2. The Preferred Agent field is already selected by default. Your newly installed scanning Agent is displayed as an option. If you installed more than one instance, select the one which can access your Internal Website. If any of them can access your Internal Website, select the default option Any of the available agents. By selecting this, one of the idle agents will scan your website.
  3. Click Launch. (For simplicity, optimization and other settings are ignored in this procedure.)
  4. Your scan has been started in the Queued state. Shortly, you will see that its status changes to Scanning. Once it is completed, you will be able to explore the vulnerabilities found on your website.

 

« Back to the Acunetix Support Page