AppScan Enterprise Server overview

The AppScan® Enterprise Server is a separately-installable component. The server provides centralized user management capabilities and a mechanism for sharing assessments via the AppScan Source Database. In addition, if your administrator has installed the Enterprise Console component of the AppScan Enterprise Server, you can publish assessments to it. The Enterprise Console offers a variety of tools for working with your assessments - such as reporting features, issue management, trend analysis, and dashboards. Most AppScan Source products and components must communicate with an AppScan Enterprise Server. Without one, you can use AppScan Source for Development in local mode - but features such as custom rules, shared scan configurations, and shared filters will be unavailable.

Important: For some versions of AppScan Source and AppScan Enterprise, the version and release level of the two products must match in order to connect from AppScan Source to the AppScan Enterprise Server. See HCL AppScan Source system requirements to learn more about system requirements anc compatibilities.

To learn about the hardware and software required to run the AppScan Enterprise Server, see AppScan Enterprise Server system requirements.

For information about installing the AppScan Enterprise Server, refer to the AppScan Enterprise Planning & Installation Guide or to the AppScan Enterprise Server user assistance at HCL Software Product Documentation (AppScan Enterprise documentation).

When used with AppScan Source, the AppScan Enterprise Server requires an solidDB® database server that you have installed with the AppScan Source installation wizard - or an existing Oracle database server that has AppScan Source schema and data applied by the AppScan Source installation wizard.

Important:
If the AppScan Enterprise Server that you will connect to is enabled for NIST 800-131a compliance, you must set AppScan Source to force Transport Layer Security V1.2. If Transport Layer Security V1.2 is not forced, connections to the server will fail.
  • If you are not installing the AppScan Source Database (for example, you are only installing client components), you can force Transport Layer Security V1.2 by modifying <data_dir>\config\ounce.ozsettings (where <data_dir> is the location of your AppScan Source program data, as described in Installation and user data file locations)). In this file, locate this setting:
    <Setting
		 name="tls_protocol_version"
		 read_only="false"
		 default_value="0"
		 value="0"
		 description="Minor Version of the TLS Connection Protocol"
		 type="text"
		 display_name="TLS Protocol Version"
		 display_name_id=""
		 available_values="0:1:2"
		 hidden="false"
		 force_upgrade="false"
	/>

    In the setting, change value="0" to value="2" and then save the file.

  • If you are installing the AppScan Source Database, you force Transport Layer Security V1.2 in the HCL AppScan Enterprise Server Database Configuration tool after installing both AppScan Source and the Enterprise Server.

To learn about the HCL AppScan Enterprise Server Database Configuration tool, see Registering the AppScan Source Database with AppScan Enterprise Server.