Enterprise Recon 2.9.1

End-of-Support Platforms

This section covers the following topics:

End-of-Support Platforms

The platforms / Targets listed here have reached end-of-support and will no longer be available as scan Targets in Enterprise Recon.

Platform / Protocol Description End-of-Support In?
Box Enterprise

To continue scanning the Box environment, you are recommended to use the Box Inc protocol which uses the custom app with server-side authentication using JSON Web Tokens (JWT) for authorization.

ER 2.9.0
Microsoft 365 - Exchange Online (EWS)

The Exchange Online (EWS) (previously Office 365 Mail) Target uses the Basic Authentication method for Exchange Web Services (EWS), which is marked for retirement by Microsoft on October 1st, 2022. Existing scans for Microsoft 365 - Exchange Online (EWS) may start to fail once Basic Authentication access is disabled for Exchange Web Services (EWS).

To continue scanning Exchange Online, you are recommended to use the Exchange Online (Graph) protocol which uses the more secure application permissions workflow for authentication and authorization. The recommended Exchange Online (Graph) protocol also simplifies compliance management by allowing you to identify, remediate and report results according to predefined Groups in your organization's Exchange Online mail environment

ER 2.7.0
Email Targets - Microsoft Exchange (EWS) To continue scanning the Microsoft Exchange Server, you are recommended to use the Exchange Domain protocol instead. ER 2.7.0

End-of-Support Platforms Behavior

The following section describes what happens when a platform / Target reaches end-of-support in Enterprise Recon. This behavior is applicable for the ER2 Web UI and API.

Feature Description
Targets / Target Locations
  • End-of-support Targets cannot be added as new Targets to the Master Server.
  • You cannot probe or add new locations for existing Targets that have reached end-of-support.
Scans
  • You cannot create or schedule new scans for existing Targets that have reached end-of-support.
  • Active scan schedules (that are currently running, scheduled, interrupted, paused, recurring, or failed) for end-of-support Targets will fail and be logged as an Inaccessible Location with Critical Critical severity level severity. Other Targets contained in these scan schedules will proceed to be scanned as usual.
  • End-of-support Targets will be automatically removed from the list of "Selected Locations" when modifying an active scan schedule that contains an end-of-support Target.
  • End-of-support Targets cannot be added when modifying an active scan schedule.
Results and Remediation
  • The match results for end-of-support Targets can be viewed and/or exported from the Investigate page.
  • All post-scan actions (e.g. remediation, access control, classification etc...) are not available for end-of-support Targets.
Reports and Logs
  • All Target logs (e.g. scan trace logs, inaccessible locations etc...) and scan reports for end-of-support Targets will continue to be available and accessible via the Targets page.