Configuration of Your New Local Scanning Server (LSS)
With the Beyond Security Hosted Information Server (IS)
Please follow the steps in this guide to install this new AVDS Local Scanning Server
(LSS) on your network.
All scanning and reporting functions must be controlled from our hosted Information
Server (IS). We will provide a user name and password to your own secure account on the IS. Contact AVDSeval@BeyondSecurity.com
if you have not received your login information
This LSS has been pre-configured to connect with either cloud2.beyondsecurity.com (for
North and South America and Asia) or cloud3.beyondsecurity.com (all other regions) using HTTPS (port 443).
After completing these instructions, or if you have any questions, please contact technical support at: AVDSeval@BeyondSecurity.com
.
Connect the LSS to a VGA monitor, USB Keyboard and to the network.
Start the LSS. The boot sequence will complete with the prompt: AVDS>
[Type help at any prompt to see a list of the CONSOLE COMMANDS.]
Network Configuration:

To set IP, enter: and press enter, then:
Type and press Enter
[note: eth0 is the left port marked Gb1. To configure the right port (Gb2) please enter 'interface eth1' ]
To turn DHCP on, enter:
Beyond Security, Inc. 19925 Stevens Creek Blvd.
US: 1-800-801-2821 Cupertino, CA
Intl: +1-408-329-6041 USA
95014 www.BeyondSecurity.com
www.SecuriTeam.com

To turn Static IP on:
AVDS (network interface eth0)> ip XXX.XXX.XXX.XXX
Optional: Netmask, enter:
AVDS (network interface eth0)> netmask 255.255.255.0 (class C)
Or
AVDS (network interface eth0)> netmask 255.255.254.0 (multiple class C)

Set the gateway address enter:
AVDS (network interface eth0)> exit
Then enter:
AVDS (network)> gateway XXX.XXX.XXX.XXX

Name Server default is 8.8.8.8. To change this, enter:
AVDS (network)> ns XXX.XXX.XXX.XXX

IMPORTANT : Save the settings, enter:
AVDS (network)> save
To view the network settings type:
AVDS (network)> show

Set time zone, date and time, enter:
AVDS (network)> exit
Type timezone and press 'tab' TWICE to display list:
AVDS > timezone
Beyond Security, Inc. 19925 Stevens Creek Blvd.
US: 1-800-801-2821 Cupertino, CA
Intl: +1-408-329-6041 USA
95014 www.BeyondSecurity.com
www.SecuriTeam.com

Regions with “/” after their names indicate that the region has multiple timezones. To view subregion timezones enter “timezone (region)/” and press tab twice:
Ex: AVDS > timezone US/
To select sub-region timezone, enter:
Ex: AVDS > timezone US/Pacific
Beyond Security, Inc. 19925 Stevens Creek Blvd.
US: 1-800-801-2821 Cupertino, CA
Intl: +1-408-329-6041 USA
95014 www.BeyondSecurity.com
www.SecuriTeam.com

To view date and time, enter:
AVDS > date
To change date or time, enter
AVDS > date MMDDhhmmYYYY
[Example: For the 19th of December 2014 at 6:54 PM (18:54):

IMPORTANT : Save the date and time settings, enter:
AVDS > save
To test the network connectivity via ping, type:
AVDS (network)> ping XXX.XXX.XXX.XXX
Where XXX.XXX.XXX.XXX is the address of another known host.
Beyond Security, Inc. 19925 Stevens Creek Blvd.
US: 1-800-801-2821 Cupertino, CA
Intl: +1-408-329-6041 USA
95014 www.BeyondSecurity.com
www.SecuriTeam.com

Establish External Connectivity
The LSS must be able to communicate with the IS to receive scanning instructions and to deliver scanning results. This connection has been pre-configured and will be originated by the LSS on HTTPS (port 443). Please make any network arrangements needed to allow the LSS to connect and then test that it is able to ping (ICMP echo) the correct IS for your region:
North and South America and Asia type:
AVDS (network)> ping cloud2.beyondsecurity.com
All other regions type:
AVDS (network)> ping cloud3.beyondsecurity.com
Set LSS Password and Time Zone
1. Open a browser and login at: https ://<ip-of-LSS-machine>.
2. Default LSS username is 'admin' and password is 'demo'.
Please set new password now
How to Set Password

Enter System Setup

Change Server password and click dialogue button
All scanning and reporting functions are controlled on the IS.
Do not attempt to control scanning functions on the LSS.
PLEASE CONTACT SUPPORT TO RECEIVE YOUR USER LOGON FOR THE
INFORMATION SERVER: AVDSEval@BeyondSecurity.com
Beyond Security, Inc. 19925 Stevens Creek Blvd.
US: 1-800-801-2821 Cupertino, CA
Intl: +1-408-329-6041 USA
95014 www.BeyondSecurity.com
www.SecuriTeam.com

Creating and Managing Network Scans
There are two ways to add a new scan to the AVDS Information Server. On the home page there is a dashlet tool called 'Quick Add' which we recommend for your first scans.
Use the 'Standard Scan Setup' instructions, below, for access to all scan features.
Quick Add
To quickly start a new scan, use the dashlet tool called 'Quick Add' that is available on the AVDS dashboard Home page (the screen you see when you first login).
First enter a Scan Name, then enter Range; a list of hosts separated by commas and/or a range of IP's marked by a dash. For example: www.beyondsecurity.com, www.securiteam.com and/or
192.168.1.101, 192.168.1.102 and/or
192.168.1.1-100
Beyond Security, Inc. 19925 Stevens Creek Blvd.
US: 1-800-801-2821 Cupertino, CA
Intl: +1-408-329-6041 USA
95014 www.BeyondSecurity.com
www.SecuriTeam.com

The Organization field will display a default now and later, if you create more
'Organizations', they will also display here (see more info below on creating
Organizations). The scan Organization can be changed later.
The LSS field will display a default scanner. If more scanners are added to your system, you will be able to select them here.
Optional: Check the 'Create Web Scan' check box to include a web application scan if scanning just a single host.
The Contact field will also display the current default name. Later, if other people are added to the system their names will display. The scan Contact can be changed later.
Finally, click Create - and you will be taken to the Network Scan configuration page.
There, scroll down and select a schedule and/or click on ' immediate scan ' to put the scan into the queue.
That's all there is to it. The scan is now configured and can be customized to your needs in Scan
– Scan Settings.
Standard Scan Setup
In AVDS, each scan is assigned to an "Organization". The term Organization is used to describe a logical group of users, scans, reports and an LSS. This might relate to a location, an area of responsibility or some other segmentation of your company network.
Using Organizations to divide a company network into segments is optional and in small, flat networks where all scanning is managed by a single person or group it may not be required.
In the example below an imaginary company, 'ACME', has two major divisions each with its own network administrators. In this example we will create 2 O rganizations, “DMZ
East” and “DMZ West”, so that each group of administrators can access, control and manage their own scans.
Beyond Security, Inc. 19925 Stevens Creek Blvd.
US: 1-800-801-2821 Cupertino, CA
Intl: +1-408-329-6041 USA
95014 www.BeyondSecurity.com
www.SecuriTeam.com

Creating a New Organization (Optional)
New Scans will be assigned to the default Organization, which is okay if one person intends to manage all scanning. You can create new Organizations at any time and reassign existing scans to them.
To create a new Organization:


Go to menu item Admin - Organizations and click on List
Scroll to bottom of Organization List table and c lick on “New” button


Enter the following mandatory fields into the Organization Details Table:
 Organization name
 Contact (reports will be sent to the email address of this contact)
 Accept defaults for other fields.
Click “Apply” for the settings to take effect
Creating a New Scan
Creating scans allows you to program the system to periodically scan a range of IP's or a select list of hostnames automatically. Results will be sent via email to the Contact and are shown in the AVDS web interface under Results .
To create a new scan:


Go to menu item: Scans - Scan Settings
Click on “New” button (below Scan List Table)
 Enter the following mandatory fields:
 Scan name: Any string that is descriptive, such as location, IP range, etc.
 LSS: If there is just one LSS, it will be default selected.
 Parent Organization: Any Organizations you have created will display here for
 selection. If none have been created, then the default Organization will be displayed
Hostname / IP Address Range: the list of IP's to scan.
Some examples:
192.168.1.1-254 = all IP's between 192.168.1.1 and 192.168.1.254
Beyond Security, Inc. 19925 Stevens Creek Blvd.
US: 1-800-801-2821 Cupertino, CA
Intl: +1-408-329-6041 USA
95014 www.BeyondSecurity.com
www.SecuriTeam.com


10.1.1.5,10.1.1.15,10.1.1.25 = the three IP addresses specified www.example.com, mail.example.com, ns.example.com and combinations of the above
 Contact person: This person will receive an email with a report once the scan is finished. New people (or groups of people) can be added later and this scan can be modified to include them.
Click “apply” for the settings to take effect
The system will now find the LSS named in the scan just created. You will see the message:
- Wait a few seconds, and click on the “refresh” button just above this message. If the message disappears, the scanner has acknowledged the scan and a new panel will appear at the bottom of the page to allow you to schedule the scan:
The default scan frequency is 'daily'. Modify the date scans will start (reference date) the frequency ('routine') or time of day, if you wish and click “modify schedule”.
Once the schedule is ok, click on Enable Scan to have the scan scheduled.
Note: Once the scan is enabled you will have the option to click Immediate Scan to have the scan start immediately regardless of the schedule or scan window.
Viewing the Scan Status
Once a scan has been configured, you can see it by going to menu item: Scan - Scan
Settings and select the scan from the list to view configuration and status.
Beyond Security, Inc. 19925 Stevens Creek Blvd.
US: 1-800-801-2821 Cupertino, CA
Intl: +1-408-329-6041 USA
95014 www.BeyondSecurity.com
www.SecuriTeam.com

Creating a New Web Scan
The AVDS System delivers web application scanning including crawling the web site to discover dynamic pages and using authentication to log into password protected areas.
The results of the web scan will be integrated into the results of the network scan for that host for a single report.
To configure a new web scan:


Go to Scans - Web Scan Settings
Click on “New” button (below the Web Scan List Table)
 Fill in the following mandatory fields:
 Name: Any string that is descriptive, such as company division, site name, etc.
 Scan: this is the network where the network scan for that host is done. Results of the web scan will be integrated with the network scan
 Hostname: (host to be tested, like: www.acme.com)


URL Testing Limit: Default is 15
Check boxes: all unchecked
 Contact Person: This person will receive an email with a report once the scan

 is finished. New users (or groups of users) can be added later and this scan modified to select them.
Click “Apply” for the new web scan to be created
You will now be presented with additional options:
 Configure the schedule and click “Enable Scan” to activate the scan
 Decide whether you want the scanner to crawl the entire web site, or add specific pages to be analyzed for security vulnerabilities
 Optional: Configure web site log in authentication (form based or NTML based)
Viewing the Web Scan Status
Once a web scan has been configured, you can see it by going to: Scans - Web Scan
Settings and selecting the web scan from the list.
Further Assistance
Should you have any questions or require further assistance, please contact Customer
Support:
Support@BeyondSecurity.com
Beyond Security, Inc. 19925 Stevens Creek Blvd.
US: 1-800-801-2821 Cupertino, CA
Intl: +1-408-329-6041 USA
95014 www.BeyondSecurity.com
www.SecuriTeam.com