AppScan® Enterprise Server overview

The AppScan® Enterprise Server is a separately-installable component. The server provides centralized user management capabilities and a mechanism for sharing assessments via the AppScan® Source Database. In addition, if your administrator has installed the Enterprise Console component of the AppScan® Enterprise Server, you can publish assessments to it. The Enterprise Console offers a variety of tools for working with your assessments - such as reporting features, issue management, trend analysis, and dashboards. Most AppScan® Source products and components must communicate with an AppScan® Enterprise Server. Without one, you can use AppScan® Source for Analysis in standalone mode and AppScan® Source for Development in local mode.

Important: For some versions of AppScan® Source and AppScan® Enterprise, the version and release level of the two products must match in order to connect from AppScan® Source to the AppScan® Enterprise Server. See System requirements and installation prerequisites to learn more about system requirements and compatibilities.

To learn about the hardware and software required to run the AppScan® Enterprise Server, see AppScan® Enterprise Server system requirements.

For information about installing the AppScan® Enterprise Server, refer to the AppScan® Enterprise Planning & Installation Guide or to the AppScan® Enterprise Server user assistance at HCL Software Product Documentation (AppScan Enterprise documentation).

When used with AppScan® Source, the AppScan® Enterprise Server requires an existing Oracle database server that has AppScan® Source schema and data applied by the AppScan® Source installation wizard.

Important:
If the AppScan® Enterprise Server that you will connect to is enabled for NIST 800-131a compliance, you must set AppScan® Source to force Transport Layer Security V1.2. If Transport Layer Security V1.2 is not forced, connections to the server will fail.
  • If you are not installing the AppScan® Source Database (for example, you are only installing client components), you can force Transport Layer Security V1.2 by modifying <data_dir>\config\ounce.ozsettings (where <data_dir> is the location of your AppScan® Source program data, as described in Installation and user data file locations)). In this file, locate this setting:
    <Setting
		 name="tls_protocol_version"
		 read_only="false"
		 default_value="0"
		 value="0"
		 description="Minor Version of the TLS Connection Protocol"
		 type="text"
		 display_name="TLS Protocol Version"
		 display_name_id=""
		 available_values="0:1:2"
		 hidden="false"
		 force_upgrade="false"
	/>

    In the setting, change value="0" to value="2" and then save the file.

  • If you are installing the AppScan® Source Database, you force Transport Layer Security V1.2 in the HCL® AppScan® Enterprise Server Database Configuration tool after installing both AppScan® Source and the Enterprise Server.

To learn about the HCL® AppScan® Enterprise Server Database Configuration tool, see Registering the AppScan Source Database with AppScan Enterprise Server.