Chat now with support
与支持团队交流

Enterprise Reporter 3.2.1 - Installation and Deployment Guide

Product Overview Installation Considerations for Enterprise Reporter Installing and Configuring Enterprise Reporter Managing Your Enterprise Reporter Deployment Troubleshooting Issues with Enterprise Reporter Appendix: Database Content Wizard Appendix: Encryption Key Manager Appendix: Log Viewer

Failover Recovery using SQL Clusters

Using a SQL cluster instead of a single server allows for automatic failover recovery in the event that a SQL Server® is down. Tasks are automatically passed to another SQL Server®. Your cluster can be configured with Always On.

System Requirements

Before installing Enterprise Reporter 3.2.1, ensure that your system meets the following minimum hardware and software requirements.

See also:

For the Enterprise Reporter Server, we recommend the following minimum hardware.

Memory

Processor

Intel® or AMD 2 GHz multiprocessor (with at least 2cores)

Hard disk space

For the Configuration Manager and Report Manager, we recommend the following minimum hardware.

Memory

Processor

Intel® or AMD 2 GHz multiprocessor (with at least 2 cores)

Hard disk space

For the Enterprise Reporter Nodes, we recommend the following minimum hardware. For more detailed recommendations for node requirements, see Optimize Node Setup .Technical Documentation. 

 

Memory

Processor

Intel® or AMD 2 GHz multiprocessor (with at least 2 cores - 4 recommended)

Hard disk space

For the Enterprise Reporter SQL Server, we recommend the following minimum hardware.

Memory

Processor

Intel® or AMD 2 GHz multiprocessor (with at least 4cores)

Hard disk space

The Enterprise Reporter database is the storage location of all data collected for reporting. As such, the amount of hard disk space required is directly related to the amount of data being collected. The Database Size Estimator tool shipped with Enterprise Reporter can help determine how much space will be required.

Larger environments may have additional requirements for memory, processor, and hard disk space. There are many factors that can affect these requirements.

The following hardware is required for Enterprise Reporter 3.2.1 and higher.

Intel® or AMD 2 GHz multiprocessor (with at least 2 cores)

The following operating systems are supported for Enterprise Reporter components.

 

X

 

X

X

X

X

X

 

X

X

X

X

X

 

X

Windows Server® 2012 R2

X

X

X

X

X

X

Windows Server® Core 2012 R2

X

 

X

Windows Server® Core 2012 R2 Cluster

X

 

X

Windows Server® Core 2012

X

 

X

Windows Server® Core 2012 Cluster

X

 

X

Windows Server® 2008 R2 with Service Pack 1

X

X

X

Windows Server® Core 2008 R2 with Service Pack 1

X

 

X

Windows Server® Core 2008 R2 with Service Pack 1 (64-bit) Cluster

X

 

X

Windows Server® 2008 with Service Pack 2 (64-bit)

X

X

X

Windows® 10

 

X

 

Windows® 8.1

 

X

 

Windows® 8 (64-bit)

 

X

 

Windows® 7 with Service Pack 1 (64-bit)

 

X

 

Windows Vista® with Service Pack 2 (64-bit)

 

X

 

 

The following operating systems are supported for Enterprise Reporter discovery targets.

 

 

 

 

 

Windows Server® 2019 Functional Level

X

 

 

 

 

Windows Server® 2016 Functional Level

X

 

 

 

 

Windows Server® 2012 R2 Functional Level

X

 

 

 

 

Windows Server® 2012 Functional Level

X

 

 

 

 

Windows Server® 2008 R2 Functional Level

X

 

 

 

 

Windows Server® 2008 Functional Level

X

 

 

 

 

Windows Server® 2003 Functional Level

X

 

 

 

 

 

 

 

 

 

 

X

X

 

 

Windows Server® 2019 and 1809

 

X

X

 

 

Windows Server® 2016 and 1803

 

X

X

 

 

Windows Server® 2012 R2

 

X

X

 

 

 

X

X

 

 

Windows Server® Core 2012

 

X

X

 

 

Windows Server® 2008 R2 with Service Pack 1

 

X

X

 

 

Windows Server® Core 2008 R2 with Service Pack 1

 

X

X

 

 

Windows Server® 2008 with Service Pack 2 (64-bit and 32 bit)

 

X

X

 

 

Windows Server® 2003 R2 with Service Pack 2 (64-bit)

 

X

X

 

 

Windows Server® 2003 with Service Pack 2 (64-bit and 32 bit)

 

X

X

 

 

Windows® 10

 

X

X

 

 

Windows® 8.1

 

X

X

 

 

Windows® 8 (64-bit and 32 bit)

 

X

X

 

 

Windows® 7 with Service Pack 1 (64-bit and 32 bit)

 

X

X

 

 

Windows Vista® with Service Pack 2 (64-bit and 32 bit)

 

X

X

 

 

Windows® XP Professional with Service Pack 3 (64-bit and 32 bit)

 

X

X

 

 

 

 

 

 

 

 

X

X

 

 

 

X

X

 

 

NetApp® 9.4

 

X

X

 

 

NetApp® 9.3

 

X

X

 

 

NetApp® Filer - Data ONTAP® 8..x - 9.x and above
(Cluster mode is supported as of version 8.2)

 

X

X

 

 

 

X

X

 

 

EMC® VNX 7.1.47.5 X (Supported by collecting as a Windows Server)

 

X

X

 

 

EMC® VNX 7.0.35.3 X (Supported by collecting as a Windows Server)

 

X

X

 

 

 

 

 

 

 

SQL Server® 2017

 

 

 

X

 

SQL Server® Clusters

 

 

 

X

 

SQL Server® 2016

 

 

 

X

 

SQL Server® 2014

 

 

 

X

 

SQL Server® 2012

 

 

 

X

 

SQL Server® 2008 R2

 

 

 

X

 

SQL Server® 2008 with Service Pack 2

 

 

 

X

 

SQL Server® 2005 with Express Service Pack 3

 

 

 

X

 

SQL Server® 2005 with Service Pack 3

 

 

 

X

 

 

 

 

 

 

Exchange® 2019

 

 

 

 

X

Exchange® 2016

 

 

 

 

X

Exchange® 2013

 

 

 

 

X

Exchange® 2010

 

 

 

 

X

Exchange® 2007

 

 

 

 

X

Exchange® Mixed Modes (2007-2010, 2010-2013, 2007-2013)

 

 

 

 

X

The following versions of Active Roles are supported as targets of Active Directory discoveries. See the Active Roles web site for the hardware and software requirements for your version of Active Roles.

Enterprise Reporter can be configures to send discovery information to the following versions of IT Security Search. See the IT Security Search web site for the hardware and software requirements for your version of IT Security Search.

The following versions of SQL Server® are supported for the Reporter database. See the Microsoft® web site for the hardware and software requirements for your version of SQL Server®:

SQL Server® 2017
SQL Server® 2016
SQL Server® 2014
SQL Server® 2012
SQL Server® 2008 R2
SQL Server® 2008 with Service Pack 2
SQL Server® 2016 Always On
SQL Server® 2014 Always On
SQL Server® 2012 Always On

Enterprise Reporter can be configured to work with a SQL Server® instance. To secure communications while working with Enterprise Reporter, data sent over connections to the SQL Server can be encrypted using an SSL certificate.

The steps required to configure this encryption are as follows.

configure the SQL Server® to use the certificate
configure the SQL Server® to force encryption
Restart the SQL Server® host computer

The following software is required for Enterprise Reporter 3.2.1 and higher.

Microsoft®.NET Framework 4.6

The following software is required for Enterprise Reporter.

Microsoft®.NET Framework 4.6
Microsoft®.NET Framework 4.0 (Full)
Microsoft®.NET Framework 3.5 Service Pack 1
Microsoft® Excel® (required to view reports exported as spreadsheets)
Microsoft® Excel® 2010
Microsoft® Excel® 2013

To collect Active Roles information, the following software is required on the computer where the Enterprise Reporter Configuration Manager is installed and on the computer where the Enterprise Reporter node is installed:

For more information and installation instructions, see the Active Roles Quick Start Guide.

The following additional considerations are required:

To collect Exchange information, the following additional considerations are required:

To collect Exchange® 2007 information, the following additional considerations are required:

Exchange® 2007 Management Tools must be installed on the computer where the Enterprise Reporter node is installed and must be in the same forest as the 2007 Exchange Organization.

To collect Exchange mailbox folders, the following additional considerations are required:

To collect Azure information, the following additional software is required:

To collect Exchange Online information, the following additional considerations are required:

To collect OneDrive information, the following additional software is required:

The following services are required on the Enterprise Reporter server and nodes.

The following services must be enabled on discovery targets for collections.

 

An Overview of Enterprise Reporter Communications and Credentials Required

There are many communication channels in Enterprise Reporter, involving different sets of credentials. This allows for controlled access to your environment, but you must understand where each set of credentials are used, and what permissions they need.

Figure 2 outlines where and for what each of the credentials are used, and the following tables explain the necessary permissions. For information on managing the credentials used in the Configuration Manager, see the Using the Credential Manager section in the Quest Enterprise Reporter Configuration Manager User Guide in the Technical Documentation. 

 

See also:

Node Credential and Alternate Credential Details for On-Premises Discoveries

Node credentials are provided when a discovery node is created, and you can modify them as needed. By default, the node’s credentials are used to enumerate scopes and access on-premises targets.

If you want to use different credentials for a particular discovery, you can configure them in the Discovery Wizard. By using these alternate credentials, you can target anything on-premises for which you have credentials, in any domain. You can minimize the permissions given to node credentials, and use alternate credentials for scoping and collecting your on-premises discoveries.

The following table outlines the use of the node and alternate credentials, and how to properly configure your environment to ensure successful data collection:

Discovery Node

Enterprise Reporter Server

Provide server with job status, errors, statistics and logs.

Configured during node creation, or when you edit the node properties to change the credentials.

The node credentials must have local administrator access to the host computer and be a member of the group “Reporter_Discovery_Nodes”.

Discovery Node

Shared Data Location (if the cluster is configured to use one)

Read and write to the shared data location during data collection.

The shared data location is configured during the creation of a cluster. Ensure the node has read and write access to this file share.For more information, see the Things to Consider Before Creating a Cluster section in the Configuration Manager User Guide in the Technical Documentation. 

 

Discovery Node

Enterprise Reporter Database

There are two options for communicating with the database:

1. You can use the same service credentials that the node service uses.

2. You can specify SQL credentials only for use when the database is accessed.

The credentials you choose must be able to read and write to the database.

The account must be in the Reporter_Discovery_Nodes security group. (Note that if you use the same account as the Enterprise Reporter server it is already permissioned appropriately). Technical Documentation. 

For more information, see Role Based Security in Enterprise Reporter .

If you use SQL authentication to connect with the database, you must manually permission the SQL user, either by adding them to the database role Discovery_Nodes_Role or by permissioning specific tables in the database.

Discovery Node

Targets

Read access on all targets.

For on-premises discoveries, all domains with which the credentials have a forest or domain level trust will be enumerated.

If required, you can configure alternate credentials for specific discoveries, instead of using the default node credentials.

 

The targets are defined as part of a discovery. The discovery tasks are assigned to a particular node based on availability, so all nodes in a cluster should have access to all targets defined in all discoveries assigned to the node’s cluster.

For on-premises discoveries, ensure the node credentials or alternate credentials have read access to the target. In addition, a trust is required between the node computer and the targets.

For more information on Azure and Office 365 Discoveries, see Detailed Permissions for Enterprise Reporter Discoveries .

 

相关文档