Add Endpoints to Gateway

Internal Scanning Management

When you configure a gateway, you must create one endpoint that connects to it. After you configure the gateway, you can add more endpoints to it. Veracode recommends that you install one endpoint in each network in which you scan your internal applications.

Before you begin

Before installing an endpoint on a machine, verify that you can connect to the applications you want to scan from that machine.

About this task

To add an endpoint to a gateway:

Procedure

  1. From the gear icon menu at the top of the Veracode Platform, click Internal Scanning Management.
  2. Click the name of the gateway to which you want to add the endpoint.
  3. On the gateway page, click Add Endpoint.
  4. In the Add Endpoint window, enter the endpoint name and description and click Next.


    Note: The JAR file generated in the next step takes its name from the value you enter in the Endpoint Name field. ISM currently supports ASCII characters, not UTF-8, for endpoint names and descriptions.
  5. Perform the following steps to download and deploy the endpoint:
    1. Click Download to download the ZIP file containing the endpoint.
    2. Move the ZIP file to a machine behind your firewall with access to your internal applications.
    3. Extract the ZIP file.
    4. Start the endpoint JAR file from the command line with the commands appropriate to your proxy configuration. You can also copy these commands from the Set Up Environment screen:
      • If you are not using a web proxy to access the internet:
        java -jar '[yourendpointname].jar'
      • If you are using an unauthenticated web proxy:
        java -Dhttps.proxyHost=[your_proxy_host] -Dhttps.proxyPort=[your_proxy_port] -jar [yourendpointname].jar
      • If you are using an authenticated web proxy, launch the endpoint with this command:
        java -Dhttps.proxyHost=[your_proxy_host] -Dhttps.proxyPort=[your_proxy_port] -jar [yourendpointname].jar --authenticate
        After launching the endpoint, run the endpoint with this command:
        java -jar [yourendpointname].jar
  6. Click Finish.
    New endpoints have a status of Pending until you successfully deploy them on your network.
    Note: Make sure that you deploy the endpoint to a location that the applications you want to scan can access. If the applications cannot access the endpoint, the Dynamic Analysis scans for those applications will fail.

What to do next

After you have started the endpoint, you can configure a Veracode Dynamic Analysis for internal scanning.