Hardware and software requirements
The following tables provide a summary of the hardware and software required to run the software.
Average size deployment requirements
This configuration supports an average size deployment: 3-4 Dynamic Analysis Scanners (4 concurrent scan jobs per scanner). Larger deployments or loads might require more resources.
- Number of virtual sockets: 4
- Number of cores per socket: 1
Machine that hosts the SQL Server Database | Machine that hosts the AppScan® Enterprise Server Also applicable for an AppScan® Source deployment |
Machine that hosts the Dynamic Analysis Scanner | |
---|---|---|---|
Operating System |
Note: See the Database section for details on supported SQL Server
versions.
|
Note: The following environmental components are automatically installed
during installation:
|
|
Processor | Quad-core CPU | Quad-core CPU | Quad-core CPU |
RAM |
|
16 GB | 16 GB Note: If running more than 4 scans in parallel,
increase to 24+ GB. |
Hard disk specific | Fast input/output refers to the fast network and disk access, for example, use of Gigabit networking and use of a fast hard-drive such as SCSI or SSD for running the database. The requirement for "Fast input/output" depends on usage. Both the Dynamic Analysis Scanner server and the AppScan Enterprise Console server directly depend on a good connection to the SQL Server Database server and a good performing SQL Server database server. The faster the SQL Server Database server can handle requests, the more the system will be able to handle simultaneous scans and the faster the whole system will be in terms of UI responsiveness, report generation, etc. The disk speed on your local scanners should be fast as well. | Fast input/output refers to the fast network and disk access, for example, use of Gigabit networking and use of a fast hard-drive such as SCSI or SSD for running the database. The requirement for "Fast input/output" depends on usage. Both the Dynamic Analysis Scanner server and the AppScan Enterprise Console server directly depend on a good connection to the SQL Server Database server and a good performing SQL Server database server. The faster the SQL Server Database server can handle requests, the more the system will be able to handle simultaneous scans and the faster the whole system will be in terms of UI responsiveness, report generation, etc. The disk speed on your local scanners should be fast as well. | |
Hard disk drive size |
|
200 GB | 500 GB |
Operating system installation drive (Generally, C drive) | minimum 10 GB Note: It
is recommended to constantly monitor the system installation drive's disk
space availability. You must always ensure to free up the disk space
whenever space drops below 10 GB. If you are running AppScan
Enterprise server on a drive other than operating system (OS)
installation drive, then a minimum of 10 GB free disk space must be
available on OS installation drive, that is, in addition to 10 GB free
disk space where you are running the AppScan Enterprise server (For
example: D, E drive and so on). |
||
Required user accounts | Service account |
Software requirement options
- Operating System
-
Also applicable for an AppScan® Source deployment
- Windows™ Server 2012 (DataCenter) x86-32, 64-bit tolerate
- Windows™ Server 2012 (Standard) x86-32, 64-bit tolerate
- Windows™ Server 2012 R2 (DataCenter) x86-32, 64-bit tolerate
- Windows™ Server 2012 R2 (Standard) x86-32, 64-bit tolerate
- Windows™ Server 2016 (Standard and Datacenter) x86-32, 64 bit tolerate
- Windows™ Server 2019 (Standard and Datacenter) x86-32, 64 bit tolerate
- Windows™ Server 2022 (Standard and Datacenter) x86-32, 64 bit tolerate (supported only in agent)
- The Windows™ 10 Enterprise, Professional, and Ultimate
operating systems are only for the client-side components of AppScan® Enterprise:
- Browser
- Activity Recorder
- AppScan Dynamic Analysis Client
Note:- AppScan® Enterprise is a 32-bit product. It will run on a 64-bit machine, but in 32 bit mode.
- The installer for the Dynamic Analysis Scanner and AppScan® Enterprise Server checks for the .NET 4.7.2 framework, and installs it if it does not exist.
- For best results, install all critical Microsoft™ software updates.
- If the website being scanned uses technologies such as Flash, Windows™ Media, and additional character sets, these technologies must also be installed on the agent server machines.
- Web Server
-
- IIS8.0 (Windows™ Server 2012)Note: IIS8.0 must be enabled on the Windows™ Server 2012 so that AppScan® Enterprise Server properly installs (not required for servers running Scanning Agents only). You must enable the following roles and features for IIS8.0:
- Common HTTP features (all components except HTTP Redirection)
- Application development (ASP.NET, ISAPI Extensions, ISAPI Filters)
- Health and diagnostics (HTTP Logging, Request Monitor)
- Security (Basic and Windows™ Authentication)
- Performance (Static Content Compression)
- Management tools (IIS Management console)
- IIS 6 Management Compatibility (All)
- IIS8.5 (Windows™ Server 2012)Note: IIS8.5 must be enabled on the Windows™ Server 2012 so that AppScan® Enterprise Server properly installs (not required for servers running Scanning Agents only). You must enable the following roles and features for IIS8.5:
- Common HTTP features (all components except HTTP Redirection)
- Application development (ASP.NET, ISAPI Extensions, ISAPI Filters)
- Health and diagnostics (HTTP Logging, Request Monitor)
- Security (Basic and Windows™ Authentication)
- Performance (Static Content Compression)
- Management tools (IIS Management console)
- IIS 6 Management Compatibility (All)
- IIS10 (Windows™ Server 2016)Note: IIS10 must be enabled on the Windows™ Server 2016 so that AppScan® Enterprise Server properly installs (not required for servers running Scanning Agents only). You must enable the following roles and features for IIS10:
- Common HTTP features (all components except HTTP Redirection)
- Application development (ASP.NET, ISAPI Extensions, ISAPI Filters)
- Health and diagnostics (HTTP Logging, Request Monitor)
- Security (Basic and Windows™ Authentication)
- Performance (Static Content Compression)
- Management tools (IIS Management console)
- IIS 6 Management Compatibility (All)
- IIS10 (Windows™ Server 2019)Note: IIS10 must be enabled on the Windows Server 2019 so that AppScan Enterprise Server properly installs (not required for servers running Scanning Agents only). You must enable the following roles and features for IIS10:
- Common HTTP features (all components except HTTP Redirection)
- Application development (ASP.NET, ISAPI Extensions, ISAPI Filters)
- Health and diagnostics (HTTP Logging, Request Monitor)
- Security (Basic and Windows™ Authentication)
- Performance (Static Content Compression)
- Management tools (IIS Management console)
- IIS 6 Management Compatibility (All)
- IIS8.0 (Windows™ Server 2012)
- Database
-
Note:
- While Enterprise and Standard editions are supported for the following SQL Server versions, the Enterprise edition has superior scalability and security-enabling capabilities, such as built-in support for Transparent Data Encryption (TDE). Standard Edition can be secured through MS Windows™ Encrypting File System (EFS) or other third party encryption methods.
- While both 64 and 32 bit versions of SQL Server are supported, using the 64-bit version of SQL Server can result in better performance. The 32-bit version works best for evaluation and small deployments.
- If your environment uses a named SQL Server for the AppScan® Enterprise database, make sure that TCP/IP is enabled in the SQL Server configuration manager, and restart the SQL services for SQL Server and SQL Server browser.
- Microsoft™ SQL Server 2012
- Microsoft™ SQL Server 2014
- Microsoft™ SQL Server 2016 (SP2-CU17)
- Microsoft™ SQL Server 2017
- Microsoft™ SQL Server 2019
- Microsoft™ SQL Server 2019 Standard CU8
- Microsoft™ SQL Server 2019 Standard CU4
- Microsoft™ SQL Server 2019 Enterprise CU8
- Microsoft™ SQL Server system requirements available from Microsoft™ (http://www.microsoft.com/sqlserver/2005/en/us/system-requirements.aspx).
- Other Prerequisites
- Ensure that ASP.Net is installed and enabled in IIS.
- Supported Browsers
-
Minimum resolution: 1024x768. Higher resolution recommended.
- Microsoft™ Internet Explorer 8.0 (with Silverlight),
9.0, 10.0, 11.0 Note:
- When using IE 8.0, you must install Microsoft™ Silverlight to view the charts in the Monitor view.
- Mozilla Firefox 31.0 (ESR)
- Mozilla Firefox 38.0 (ESR)
- Google Chrome
- Microsoft™ Internet Explorer 8.0 (with Silverlight),
9.0, 10.0, 11.0
HCL® License Server
- Defect Tracking Systems
-
- Atlassian JIRA 6.4.1, 7.0
- Rational® Team Concert 3.0, 3.0.1, 4.0, 4.0.1, 4.0.3, 5.0.2, 6.0.1, 6.0.4, 6.0.6
- Rational® Quality Manager 2.0, 2.0.1
- Supported Integrations
-
- AppScan® Source v9.0.1.1 and higher (versions 7.0 - 9.0.0 are supported for importing of security results only)
- AppScan® Standard V7.7 - V9.0.4 inclusive (previous versions are supported for importing of security results only)
- IBM® Security SiteProtector™ 3.0, 3.0.0.1, 3.1
- IBM® Security QRadar® SIEM 7.0 MR5, 7.1 MR2, 7.2, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5
- WebSphere® Portal 6.0.1.4 and higher
- VM
- VMware ESXi 7.0.2
- Application Server
- WebSphere® Application Server Liberty Core 20.0.0.12
- Java(TM) SE Runtime Environment
- IBM J9 VM, Version: java version 1.8.0_191.
- Supported technologies
- See Supported technologies.
Allowlist
For some Command Execution and Remote File Inclusion security tests, including those for
the Log4j vulnerability, both the AppScan Enterprise agent and the tested server must be
able to send DNS lookup queries to securityip.appsechcl.com
Translated languages
The AppScan® Enterprise user interfaces are available in these languages:- English
- French
- German
- Italian
- Japanese
- Korean
- Brazil Portuguese
- Russian
- Spanish
- Simplified Chinese
- Traditional Chinese