Corporate Software Inspector: Requirements

Intelligent Security Patch Management

Requirements

Corporate Software Inspector 2016 System Requirements

To use the Corporate Software Inspector console your system should meet the following requirements:

  • Minimum resolution: 1024x768
  • Internet Explorer 8 or higher (Scan results can also be viewed from other browsers)
  • Internet connection capable of connecting to https://csi7.secunia.com
  • The addresses crl.verisign.net, crl.thawte.com, http://*.ws.symantec.com and https://*.secunia.com/ should be white-listed in the Firewall/Proxy configuration
  • First-Party cookie settings at least to Prompt (in Internet Explorer)
  • Allow session cookies
  • A PDF reader

Corporate Software Inspector with Scanning and Patching Capabilities

  • Internet Explorer 8 or higher with Corporate Software Inspector Plugin installed (in order for Corporate Software Inspector to connect to WSUS and to create packages successfully, Internet Explorer must be run as administrator in most cases - right-click and select Run as administrator).
  • In Internet Explorer Tools > Internet options > Advanced, ensure Use TLS 1.1 and Use TLS 1.2 are selected.
  • WSUS installer (Administration Console only).
  • Visual C++ 2012 (x32 and x64).
  • Microsoft .NET Framework runtime 4 or later.
  • If the WSUS Self-Signed Certificate is going to be used, and the user wishes to provision the certificate through the Patching > WSUS/System Center > Deployment function, Remote Registry service must be enabled on the clients.
  • Select the target hosts where the certificate is to be installed (CTRL+ mouse click for multiple selection), right- click and select Verify and Install Certificate.

Download and Install the Corporate Software Inspector Plugin

The first time you login to Corporate Software Inspector, click the link on the bottom of the page and follow the on- screen instructions to download and install the Corporate Software Inspector Plugin to enable scanning and patching. Please note that the Plugin is only compatible with Internet Explorer version 8 or higher. Corporate Software Inspector Plugin is installed locally and must be installed on the machine you are running the Corporate Software Inspector console from. Once the Corporate Software Inspector Plugin has been installed the download link is removed from the page.

If Internet Explorer is blocking the ActiveX Plugin, follow the steps below to allow it to load:

  • Open Internet Explorer's Internet options
  • Go to the Security tab
  • Select Trusted Sites
  • Add your server's IP or hostname to the Trusted Sites
  • Go back to the Security tab and click Custom level
  • Scroll down to Initialize and script ActiveX controls not marked as safe for scripting and change the setting from Disable to Prompt or Enable

Download and Install the Corporate Software Inspector Daemon

The Corporate Software Inspector Daemon is a stand-alone executable that executes various schedules configured in the Corporate Software Inspector console. It runs as a background service with no user interaction. You can download the Daemon from: http://secunia.com/support/download/.

The Daemon integrates a number of local data sources in your network with the Flexera Software Cloud. It should be deployed to a node in the network that has high availability (for example, the server running the System Center or SQL server).

Once deployed, the Daemon will regularly scan the following data sources, based on the configuration created in Corporate Software Inspector:

  • Active Directory
  • Microsoft® System Center Configuration Manager (“System Center”) Imports
  • Scheduled Exports
  • WSUS State Change

Agent‐based Scan - Requirements (Windows)

The flexibility offered by Corporate Software Inspector ensures that it can be easily adapted to your environment. If you choose to scan using the installable Agent (Agent-based scans), the following requirements should be present in the target hosts:

  • Administrative privileges (to install the Corporate Software Inspector Agent – csia.exe)
  • Microsoft Windows XP, 2003, 2008, Vista, 7, 8 or 10
  • Internet Connection – SSL 443/TCP to https://*.secunia.com/
  • Windows Update Agent 2.0 or later

Agent‐based Scan – Requirements (Mac OS X)

The following requirements should be met before installing the Single Host Agent on an Intel-based Mac OS X machine:

  • Supported Systems: 10.5 Leopard/10.6 Snow Leopard/10.6 Snow Leopard Server/10.7 Lion/10.8 Mountain Lion
  • Administrator privileges at minimum (‘root’ privileges required for the installation)
  • Internet Connection – SSL 443/TCP to https://*.secunia.com/
  • The user installing the Agent must have 'execute' permissions on the file (chmod +x)

Remote/Agent‐less Scan - Requirements (Windows)

If you prefer to scan without installing the Corporate Software Inspector Agent (Agent-less scans), the following requirements should be present in the target hosts:

  • Ports 139/TCP and 445/TCP open inbound (on hosts)
  • File sharing enabled on hosts
  • Easy/simple file sharing disabled
  • Windows Update Agent 2.0 or later

Required Windows services started on hosts:

  • Workstation service
  • Server service
  • Remote Registry service (by default is disabled on Win7/Vista)
  • COM+ services (COM+ System Application: Set to Automatic)

In order for a remote/Agent-less scan to succeed, the user executing the scan – whether that’s the user running the Corporate Software Inspector console or the user for the service running the network appliance – must have local administrative privileges on the scanned hosts.

When performing Remote/Agent-less scans, the result may be displayed as Partial in the Completed Scans page. This is caused by the Windows Firewall default settings that block the RPC dynamic ports. On the host, in Windows Firewall, the user should create an inbound rule to allow inbound traffic for all products that use RPC dynamic ports.

Back to Corporate Software Inspector