Corporate Software Inspector: Requirements

Intelligent Security Patch Management

Requirements

Corporate Software Inspector (CSI) 6.0 System Requirements

CSI is an authenticated internal vulnerability scanner, capable of assessing the security state of practically all legitimate programs running on Microsoft Windows platforms and supports scanning on PC, Apple Mac OSX, and Red Hat Enterprise Linux (RHEL) platforms.

CSI also integrates with Microsoft WSUS, System Center Configuration Manager and third-party patch deployment solutions for easy deployment of third-party updates, making patching a simple and straight-forward process for all IT departments.

Supported Microsoft Operating Systems:

  • Windows XP Service Pack 3
  • Windows Vista (x86)
  • Windows 7 (x86)
  • Windows 8 (x64)
  • Windows Server 2003
  • Windows Server 2008 (x86)
  • Windows Server 2012 (x64)

CSI 6.0 GUI/Console Prerequisites

In order to install and run CSI Console (Graphical User Interface), the following requirements should be met:

  • Latest version of CSI 6.0 downloaded from Secunia’s website
  • Microsoft Internet Explorer 7 or higher
  • The CSI Console must be launched by a user with Domain Admin privileges
  • https://*.secunia.com/ must be added to the Trusted sites in the Internet Options of IE
  • Internet Connection - SSL 443/TCP to https://*.secunia.com/
  • Minimum 1200 * 768 screen resolution

The Dashboard window provides CSI user with an overview of their hosts with the help of various "portlets". Portlets are a collection of components that graphically display key data and allow the user to create unique profiles which can display a unique combination of portlets. For convenience, a user can create and alternate between several dashboard profiles.

For each dashboard profile created, a static URL will be automatically created. This can be accessed in the lower right corner of CSI console.

You can use the static URL to view the dashboard on any web browser or to make this information accessible externally.

Access to the static dashboard URL is done through "https" and each URL is unique and dynamically generated.

CSI 6.0 with Patching Capability

To successfully create updates the following should also be present when installing CSI:

  • WSUS installer (Administration console only)
  • Visual C runtime
  • Microsoft .NET Framework runtime 4 or later
  • When running CSI 6.0 for the first time in Windows Vista, 7, 8, 2008 or 2012, right-click the CSI icon and select Run as administrator
  • If the WSUS Self-Signed Certificate is going to be used, and the user wishes to provision the certificate through the Patching > WSUS/SCCM > Deployment function, Remote Registry service must be enabled on the clients
  • Select the target hosts where the certificate is to be installed (CTRL+ mouse click for multiple selection), right-click and select Verify and Install Certificate

Installing CSI 6.0 GUI

Please follow the steps below to install CSI 6.0:

  1. Download CSI 6.0 installer from http://secunia.com/CSISetup.exe
  2. Double-click the installer icon and follow the wizard instructions
  3. Launch CSI 6.0 as Domain Administrator, for example right-click and Run as administrator (if running on Windows Vista, 7, 8 or 2008)
  4. Login with your CSI 6.0 Account credentials (User name/Password)
  5. You will be prompted to reset your password. We strongly recommend that you proceed with the password reset since the initial Secunia password will expire after the first login.

Windows 8 with IE 10

If you experience problems loading CSI Console when using Windows 8 with Internet Explorer 10, ensure that the TLS is set to 1.2:

  • Go to Tools > Internet options and click the Advanced tab
  • Scroll to the bottom of the Settings list
  • Deselect Use TLS 1.0 and select Use TLS 1.2

Windows 8 x64 WSUS Installation

Note: WSUS 6.0 uses port number 8530 and WSUS 3.0 uses port number 80.

Agent-based Scan – Requirements (Windows)

The flexibility offered by CSI ensures that it can be easily adapted to your environment.

If you choose to scan using the installable Agent (Agent-based scans), the following requirements should be present in the target hosts:

  • Administrative privileges (to install the CSI Agent – csia.exe)
  • Microsoft Windows XP, 2003, 2008, Vista, 7 or 8
  • Internet Connection – SSL 443/TCP to https://*.secunia.com/
  • Windows Update Agent 2.0 or later

Agent-based Scan – Requirements (Mac OS X)

The following requirements should be met before installing the Single Host Agent on an Intel-based Mac OS X machine:

  • Supported Systems:
    10.5 Leopard/10.6 Snow Leopard/10.6 Snow Leopard Server/10.7 Lion/10.8 Mountain Lion
  • Administrator privileges at minimum ('root' privileges required for the installation)
  • Internet Connection – SSL 443/TCP to https://*.secunia.com
  • The user installing the agent must have 'execute' permissions on the file (chmod +x)

Remote/Agent-less Scan – Requirements (Windows)

If you prefer to scan without installing the CSI Agent (Agent-less scans), the following requirements should be present in the target hosts:

  • Ports 139/TCP and 445/TCP open inbound (on hosts)
  • File sharing enabled on hosts
  • Easy/simple file sharing disabled
  • Windows Update Agent 2.0 or later

Required Windows services started on hosts:

  • Workstation service
  • Server service
  • Remote Registry service (by default is disabled on Win7/Vista)
  • COM+ services (COM+ System Application: Set to Automatic)

Scanning Red Hat Enterprise Linux (RHEL)

The scan agent for RHEL uses the inventory which is already present (RPM) and displays this in CSI after being processed by Secunia Detection/Version Rules. To download CSI Agent for Red Hat Linux, go to Scanning > Scanning via Local Agents > Download Local Agents.

Back to Corporate Software Inspector