Internal Agents in Acunetix 360
In some organizations, some websites will only be available on the local network (and not on the internet). You can use our Internal Agent feature to scan your internal websites while the results remain on our Acunetix 360 servers.
You can install an internal agent in Windows, Linux, Docker, and OpenShift. For further information, see Installing Internal Agents.
The Internal Agents feature is available in both Acunetix 360 (On-Demand) and On-Premises.
- After installing the internal agent on your network, you should specify a website to scan it with the internal agent (see How to Configure an Agent for a Website)
- After installing the agents and determining which website will be scanned with the internal agent, you can start a scan on your internal website (How to Scan an Internal Website)
Allowlisting Acunetix 360's IP addresses for effective communication
Acunetix 360 Web Application On-Demand and internal agents use certain IP addresses to communicate with one another.
In order for Acunetix 360 Web Application On-Demand to operate effectively, you need to allowlist certain IP addresses on your firewall and/or proxy servers to allow communication of different components, such as internal scanning agents.
Without establishing this communication, you may run into problems. For example, the scanner agent may not report all of its findings to the Acunetix 360 Web Application. Or, Acunetix 360 may not push the vulnerabilities to the on-premises integration endpoints, such as Jira. So, you need to allowlist the IP address for the components to communicate with one another, as needed.
Tips It is strongly recommended to allowlist the IP addresses only if you plan to install any of the following components:
|
Allowlisting Requirements
- www.invicti.com
- r87.me
- https://online.acunetix360.com/
- 18.215.138.185, 3.209.193.120, s3.us-east-1.amazonaws.com
Manage Agents Fields
This table lists and explains the fields in the Agents window.
Field | Description |
Name | This is the name of the agent. |
State | This is whether the agent is online and waiting for a scan assignment.
|
Launch Date | This is the date when the agent was first available. |
Last Heartbeat | This is the last time the agent communicated with the web application. |
Version | This is the version number of the scanner agent. |
Is Up To Date | This is whether the Agent is up-to-date. |
Vdb Version | This is the Vulnerability Database Version running on the Agent. |
Operating System | This is the operating system on which the Agent is installed. |
Installed Framework | This is the .NET environment on which the Agent is running. Note: Starting with the 7 December 2022 dated release, internal agents are bundled with the required .NET framework. So, you don’t need to install .NET into your environment. Also, the installed framework version and your .NET version can be different. |
Operating System Architecture | This represents the operating system architecture on which the Agent is installed. |
Target URL | This is the target URL of the website, including the path. |
Process Architecture | This represents the process architecture on which the Agent is installed. |
IP Address | This is the IPv4 version of the Agent. |
How to Configure an Agent for a Website
- Log in to Acunetix 360.
- From the main menu, select Websites > New Website.
- On the New Website page, complete the fields, as described in How to Add a Website in Acunetix 360.
- In the Agent Mode field, select an option.
- Select Save.
How to Scan an Internal Website
- From the main menu, select Scans > New Scan.
- In the Target URL field, enter the URL of the internal website.
- From the Preferred Agent drop-down, select an internal agent to use it during the scan if there is more than one. Alternatively, you can retain the default setting (Any of the available agents), so that Acunetix 360 will automatically select one of them.
- Complete the remaining fields, and select Launch.
How to View Commands for an Agent
- From the main menu, select Agents > Manage Agents.
- On the Agents' page, select the relevant agent.
- From the Commands drop-down, select View Agent Commands.
Accessing Agent Logs
The Acunetix 360 Scanning Agent stores the application logs in the Logs folder in the installation path.
With the latest version of the Agent, the last three days’ logs can be downloaded from the Manage Agents page. These logs are especially useful for troubleshooting.
How to Access Agent Logs
- From the main menu, select Agents > Manage Agents.
- Next to the relevant Agent, select the Command drop-down, then Request Agent Logs.
- Once you confirm, the logs will be requested from the target agent and can be downloaded from the UI.
- Alternatively, when target logs are ready, you will receive a notification. Click the bell, then select the relevant notification.
- Select Download Logs. The download will start.