Enterprise Recon Cloud 2.11.1
System Requirements
This page lists the system requirements for:
Master Server
There are three (3) deployment size options for your Master Server during the Enterprise Recon Cloud deployment process. Each deployment size has a corresponding disk size, memory (RAM), and number of pre-configured Linux cloud Agents.
| Deployment Size | Instance Type | Disk Size (for user data) | Memory (RAM) | Number of pre-verified proxy agents | 
|---|---|---|---|---|
| small | m5.xlarge | 80 GB | 16 GB | 2 | 
| medium | m5.2xlarge | 120 GB | 32 GB | 4 | 
| large | m5.4xlarge | 200 GB | 64 GB | 4 | 
Depending on the number of Targets you intend to add and scan, as well as the potential number of match locations, one deployment size may be more suitable for you than the other.
Memory and Disk Space
The memory (RAM) and disk space requirements for your Enterprise Recon Cloud Master Server are dependent on several factors, including (but not limited to):
- The number of Targets that must be scanned,
- The type of Targets that must be scanned,
- The number of concurrently running scans,
- The amount of data scanned,
- The number of match locations in each Target,
- The complexity of data residing in each Target,
- The level of activity in the Web Console, and
- The number of users concurrently connected to the Web Console.
The following table shows the minimum requirements for deploying a Master Server (in either of its three subscription license types) that supports a given number of Targets and match locations per Target:
| Targets | Match Locations (per Target) | Memory | Disk Size | 
|---|---|---|---|
| 10 | 100,000 | 16 GB | 4 GB | 
| 50 | 100,000 | 16 GB | 20 GB | 
| 100 | 100,000 | 16 GB | 34 GB | 
| 200 | 100,000 | 16 GB | 60 GB | 
| 500 | 100,000 | 16 GB | 140 GB | 
| 1000 | 100,000 | 32 GB | 280 GB | 
| 2000 | 100,000 | 32 GB | 560 GB | 
| 10 | 1,000,000 | 32 GB | 34 GB | 
| 50 | 1,000,000 | 32 GB | 140 GB | 
| 100 | 1,000,000 | 32 GB | 280 GB | 
| 200 | 1,000,000 | 64 GB | 560 GB | 
| 500 | 1,000,000 | 64 GB | 1.3 TB | 
| 1000 | 1,000,000 | 64 GB | 2.6 TB | 
| 2000 | 1,000,000 | 64 GB | 5.2 TB | 
Example 1
To add and scan 100 Targets with 100,000 match locations, the recommendation is 16 GB of memory and a 40 GB disk size. In order to meet the recommended memory and disk size, the small deployment size that comes with 16 GB of RAM and 80 GB of disk space is likely the most suitable for your set up.
Example 2
To add and scan 500 Targets with 100,000 match locations, the recommendation is 16 GB of memory and 140 GB disk size. A 16 GB memory requires the small deployment size, but a 140 GB disk requires the large deployment size. The large deployment size provides the needed disk space (200 GB) but exceeds the necessary memory by a large margin.
In this case, you can:
- opt for the large deployment size regardless (and if it suits your needs), or
- opt for the small deployment size upon deployment to meet the recommended memory and then increase the disk size manually later on (after deployment).
Ultimately, we recommend evaluating your memory and disk size requirements to identify the deployment size that works best based on your needs.
To increase the instance and/or disk size, refer to the Manage Instance and Disk Size section.
Node Agent
A Node Agent is designed to run with minimal impact on its host system. Its main role is to deliver and load the scanning engine and send scan results to the Master Server through an encrypted TCP connection.
Pre-configured Linux cloud Agents that have been automatically verified upon deployment can readily be used to scan cloud Targets, so manually installing Agents on-premises for cloud-scanning purposes is optional.
When installing on-premises Agents, ensure that they meet the requirements below.
Minimum System Requirements
- Memory: 4 MB.
- Free Disk Space: 16 MB.
Supported Operating Systems
| Environment (Target Category) | Operating System | 
|---|---|
| Microsoft Windows Desktop (Desktop / Workstation) | 
 | 
| Microsoft Windows Server (Server) | 
 | 
| Linux (Server) | 
 Looking for a different Linux distribution? To run a Node Agent, you need a kernel version of 2.6
        and above. To view your kernel’s version, run uname -r in the terminal. | 
| UNIX (Server) | 
 To scan a UNIX Target that is not supported by a UNIX
    agent (e.g. FreeBSD 10 or HP-UX 11.31+), perform a Remote Access via SSH scan on
    the Target instead. | 
| macOS (Desktop / Workstation) | 
 Scans for macOS Targets locations
       
 Agentless scans for macOS Ventura 13 and above
       Performing agentless scans requires the "Full Disk Access" feature to be enabled for sshd-keygen-wrapper in the Proxy Agent host. For more information, refer to the Enable Full Disk Access section. To scan a macOS Target that is not supported by the
      macOS Agent, perform an Agentless Scan or Remote Access via SSH scan on
      the Target instead. | 
Microsoft Windows Operating Systems
Ground Labs supports and tests ER Cloud for all Windows versions supported by Microsoft.
Prior versions of Windows may continue to work as expected. However, Ground Labs cannot guarantee support for these versions indefinitely.
Linux Operating Systems
Ground Labs supports and tests ER Cloud for all Linux distributions currently supported by the respective providers.
Prior versions of Linux distributions may continue to work as expected. However, Ground Labs cannot guarantee support for these versions indefinitely.
macOS Operating Systems
Ground Labs supports and tests ER Cloud for all macOS versions supported by Apple Inc.
Prior versions of macOS may continue to work as expected. However, Ground Labs cannot guarantee support for these versions indefinitely.
Web Console
To access the Web Console, you must have:
- A compatible browser:
    
    To access the Enterprise Recon Cloud Web Console, use only browser versions that are supported by the respective developers.
- JavaScript and cookies enabled on your browser.
- A minimum screen height of 720 pixels. Recommended screen height is 1080 pixels.
File Permissions for Scans
Agents must have read access to scan Targets, and write access to remediate matches.