Enterprise Recon Cloud 2.12.0
About Enterprise Recon Cloud 2.12.0
Overview
Enterprise Recon Cloud (ER Cloud) is an Enterprise Recon variant that is deployed through Amazon Web Services (AWS).
This innovative solution offers a new way to leverage the power of Enterprise Recon, delivering industry-leading data discovery and data management capabilities purpose-built for the cloud.
Key Benefits of ER Cloud
- Fast, accurate discovery for the cloud: Delivering industry-leading data discovery and management capability purpose-built for cloud-based environments, powered by our award-winning GLASS Technology™.
- No additional hardware: Eliminates the need for appliance and RPM package installs, reducing costs and simplifying IT infrastructure.
- Simplified deployment: Pre-configured Master Server and cloud Agents ensure a smooth and hassle-free setup.
ER Cloud enables sensitive data discovery across a wide variety of Targets including workstations, servers, database systems, big data platforms, email platforms and a range of cloud storage providers. For the full list of supported Targets, refer to the Target Types section.
ER Cloud also includes a variety of marking and remediation options, which depend on the platform where the data was found, to help categorize findings and take action on the locations of sensitive data files.
With over 300 built-in data types spanning over 50 countries, and a flexible custom data type creation module for any special or unique requirements, ER Cloud helps organizations identify a broad variety of personal, sensitive, confidential and other data types that require higher levels of security in accordance with compliance and regulatory requirements such as PCI DSS®, GDPR, HIPAA, CCPA and more.
How ER Cloud Works
The ER Cloud Master Server runs in a Docker container on the user’s EC2 instance, hosted on AWS.
In general, ER Cloud consists of components in the cloud and optional components on-premises.
In-cloud components:
- One Master Server running in a Docker container
- Pre-configured Linux Agents (cloud Agents) running in Docker containers
Optional on-premises components:
- Manually installed and verified Agents (on-premises Agents) residing on network hosts
The Master Server sends instructions to Agents, which scan designated Targets to find and secure sensitive data and send reports back to the Master Server.
ER Cloud components are described in the sections that follow.
ER Cloud Components
Master Server
The Master Server acts as a central hub for ER Cloud. Node Agents connect to the Master Server and receive instructions to scan and remediate data on Target hosts. You can access the Master Server from the:
- Web Console
- Master Server Console (administrator only)
Web Console
The Web Console is the web interface for operating ER Cloud, which you access in a web browser. Open the Web Console from a network host to perform tasks such as scanning a Target, generating reports, and managing users and permissions. Refer to the Access Web Console section.
Master Server Console
(Administrator only) The Master Server Console is the Master Server's command-line interface, through which administrative tasks are performed. Administrative tasks include updating the Master Server, performing maintenance, and advanced configuration of the appliance. Refer to the Manage Master Server section.
Targets
Targets are designated scan locations, and may reside on a network host or remotely.
For details on how to manage Targets, refer to the Scan Locations (Targets) Overview section.
For instructions on how to connect to the various Target types, refer to the Add Targets section.
Pre-configured Cloud Agents
Enterprise Recon Cloud comes with pre-configured Linux cloud Agents that have been automatically verified upon deployment and can immediately be used to scan cloud Targets. These cloud Agents act as a middleman between the Master Server and the intended cloud Target locations.
Pre-configured cloud Agents are labeled PROXY-AGENT-01, PROXY-AGENT-02, and so on, and cannot be renamed. These cloud Agents are also added to the default PROXY-GROUP Agent Group and can be readily used to perform distributed scans for cloud Targets.
The number of pre-configured cloud Agents available depends on the deployment size you selected when ER Cloud was deployed.
Deployment Size | Instance Type | Number of pre-verified proxy agents |
---|---|---|
small | m5.xlarge | 2 |
medium | m5.2xlarge | 4 |
large | m5.4xlarge | 4 |
Optional On-premises Agents
Pre-configured cloud Agents are immediately available upon deployment, so manually installing Agents on-premises for cloud-scanning purposes is optional in ER Cloud. An on-premises Agent must be verified to establish it as a trusted Agent; only verified Agents may scan Targets and send reports to the Master Server.
The manually installed Node Agent connects to and waits for instructions from the Master Server. If a Node Agent loses its connection to the Master Server, it can still perform scheduled scans and save results locally. It sends these scan reports to the Master Server once it reconnects. The host that the Node Agent is installed on is referred to as the Node Agent host.
A manually installed Proxy Agent is an on-premises Node Agent installed on a proxy host, a network host that is not a Target location for a given scan.
Host B is not a Target location but has a Node Agent installed.
To scan Target A, ER Cloud can use the Node Agent on Host B as a Proxy Agent, and scan Target A as a Network Storage Location.