If you are running your endpoint on a machine other than Windows or Linux, or you
choose not to use the ISM endpoint installer, you can manually install
the endpoint.
About this task
These steps continue from either
step 6 of
Configure Internal Scanning or
step 6 of Add
Endpoint to Gateway. Refer to those sections for the previous steps of this
process.
To manually install an endpoint in your environment:
Procedure
-
Click Download to download the ZIP file containing the
endpoint.
-
Move the ZIP file to a machine behind your firewall with access to your
internal applications.
-
Extract the ZIP file.
-
Start the endpoint JAR file from the command line with the appropriate commands
for your proxy configuration. You can also copy these commands from the Set Up
Your Environment screen:
-
Click Close.
Note: Ensure you deploy the endpoint to a location accessible to the
applications you want to scan. If the applications cannot access the
endpoint, the Dynamic Analysis scans for those applications
fail.
The gateway and endpoint you created now appear on the Internal Scanning
Management page.
Note: The gateway may have a status
of Initializing for a few minutes after you create it. The endpoint has a
status of Pending until you successfully deploy it. When you successfully
deploy the endpoint, it has a status of Ready.
What to do next
If the endpoint fails to connect to the gateway, your
organization may need to whitelist the gateway IP address or domain name. The IP address
and domain are visible from the Internal Scanning Management page and the gateway
page.
After you have created the gateway, started the endpoint, and tested the
gateway connection, you can configure a Veracode Dynamic Analysis for internal scanning.