Configure BeyondTrust Discovery Scanner Connections to BeyondInsight

Once the BeyondTrust Discovery Scanner and the console are installed, they must be configured to work together by configuring both Central Policy and Events Client.

Configure Central Policy

Central Policy enables Discovery Scanner to pull scan requests from the console and send scan status updates to the console.

Screenshot of Options - Event Routing

  1. To configure Central Policy, run the Discovery Scanner.
  2. Select Tools > Options.
  3. Select the Event Routing tab, and then select Enable Event Routing to Centralized Console.
  4. Select the Management tab, and then select Enable Central Policy.
  5. Enter the required information.
    • Central Policy Server: Name or IP address of the machine where the console is installed. If the scanner and console are on the same machine, you can use localhost.
    • Password: Use the agent password defined during BeyondInsight configuration.
    • Agent Name: Enter a name that identifies the scanner in the console.
  6. Click the Test button.
  7. After a few seconds, you see a confirmation that the connection from the scanner to the console was successful.

    If you instead receive a message that The connection was refused by the specified server, verify that the NT AUTHORITY\SYSTEM account is assigned the sysadmin server role.

For more information, please see the following: Database Permissions Matrix

Configure Events Client

The Events Client enables Discovery Scanner to securely send completed scan data to the management console, where it is extracted to populate the database.

  1. To configure the Events Client:
    • In Windows 2012 or above, click Start > Apps > BeyondTrust > Events Client Configuration.
  2. Go through the Events Client Installation Wizard.
    • On the Select a Client Certificate page, choose a certificate to use.
    • When prompted for a password, enter the agent password created during BeyondInsight configuration.
    • On the Test Connection page, click Next, wait a few seconds, and then verify that a test message has been successfully sent to the application bus.

For more information, please see the following: Set Up BeyondInsight Certificates