Deployment Planning

You can install File Reporter to work in a variety of configurations. Before installation, you should determine how best to deploy File Reporter to meet the needs of your organization.

Requirements Overview

Review the following table before installing File Reporter to understand how different technologies might affect how you proceed.

Technology	Notes
Windows and Networking	The Engine runs on a Windows operating system and uses basic TCP/IP networking inherent to the operating system.
Microsoft Internet Information Server (IIS)	File Reporter is accessed and managed via a web browser. The Web Application is an ASP.NET application that runs in conjunction with IIS. The installer and configuration utilities configure IIS automatically and manage most aspects of the installation for you. The Engine and Web Application must run on the same system in this release of the software.
DNS	You must use the site hostname registered with IIS to access the File Reporter Web Application with a browser (i.e., the raw IP address does not work). You must either create a DNS entry for the name in the environment, or add the entry to the `hosts` file on every machine accessing the File Reporter system.
Database	File Reporter utilizes a PostgreSQL or Microsoft SQL Server database as the back-end data store. The database must be accessible from the server running the Engine.
Active Directory and Windows Server	To report on Active Directory and Windows file systems, File Reporter uses a proxy object and group in Active Directory that is used by the system as part of day-to-day operations. You should understand basic Windows file system and Active Directory terminology and operations, and be familiar with the Windows network that you will report against with File Reporter.
Message Broker	File Reporter uses the RabbitMQ message broker to enable messaging between the File Reporter components required for file content scanning (ManagerFC and AgentFC) or Microsoft 365 scanning (Agent365).

Engine Host

The server hosting the Engine service should have significant CPU, disk, and memory resources for all but the smallest installations.

The Engine runs on any of the following Windows Servers:
- Windows Server 2025
- Windows Server 2022
- Windows Server 2019
The Engine host must be joined to the domain.

NOTE: You should install the Engine on a member server and not on a domain controller, as this may become a requirement in a future release.

File Content

File Reporter can scan and classify file content. For example, you can scan for files containing US Social Security numbers and then classify these files as restricted documents with access permissions and storage locations that may need to be corrected.

You must install the following additional components to scan Windows network storage devices for file content:

ManagerFC
AgentFC
RabbitMQ message broker

See File Content Scanning in the File Reporter 25.2 Administration Guide for details.

Microsoft 365

File Reporter 25.2 now scan and report on the metadata and permissions of files stored in OneDrive for Business, SharePoint Online, and Teams.

You must install the following components to scan and report on these Microsoft 365 cloud-stored files:

Agent365
RabbitMQ message broker

File System Agents

Target System	Local Scan	Proxy Scan
Windows Server	Yes	Yes
Network-Attached Storage (NAS) Device	No	Yes

When deciding whether to install AgentFS locally on a Windows server or run the AgentFS service as a proxy, be aware that:

Locally-installed agents perform scans faster than proxy-based agents.
Locally-installed agents share CPU and memory resources with other software running on the system. Consider using a proxy rather than installing the agent locally if the server’s resources are already constrained.

Database Planning

Consider the following guidelines before installing and configuring any database system for File Reporter.

Determine Database Type

You can use either a PostgreSQL database or a Microsoft SQL Server database.

You may prefer a PostgreSQL database if you are proficient with Linux.
You may prefer Microsoft SQL Server if you have a Microsoft Licensing Agreement that entitles you to Microsoft SQL Server. NOTE: File Reporter supports Standard and Enterprise versions of SQL Server, but does not support Web or Express editions.

Use a Dedicated Server

Due to the potential size of the collected scan data and the I/O processing required for large database installations, you should install the database on a dedicated server.

See PostgreSQL - Minimum Requirements or Microsoft SQL Server - System Requirements for minimum requirements.

Use a Dedicated Database Instance

Use a dedicated PostgreSQL cluster or SQL Server instance to prevent conflicts with other vendor software.

File Reporter requires access at the instance level to manage the database security principals and roles. In addition, File Reporter ships with optional CLR extensions for SQL Server, which require enablement at the instance level.

Do not install the File Reporter database in an instance or cluster that shares databases with other software.

Provide Sufficient I/O Bandwidth

Relational Database Management Systems are I/O intensive, especially the persisted storage on disk. For best performance…

Provide SSD storage, if possible, for the database tablespaces or filegroups.*
Alternatively, provide RAID-10 spindle storage for database tablespaces or filegroups.**
Do not use RAID-5 storage for database storage.
Do not use Network-Attached Storage for database storage.
If using a SAN, provide at least 10 GB or more throughput (ideally, the SAN link should be faster than the I/O capacity of the back-end storage system, so that it is not the bottleneck).
Enable battery-backed cache for RAID and SAN controllers.
For SQL Server, optionally place tempdb on a separate RAID-1 or SSD.
Optionally, place the transaction logs on a separate RAID-1 or SSD. This can be done either during the installation of the SQL Server instance, or afterwards.

See https://msdn.microsoft.com/en-us/library/ms189133.aspx for procedures on moving database files after installing a SQL Server instance.

For PostgreSQL, moving database files is a simple process: Stop the database server, relocate the pg_xlog folder, and then create a symbolic link to the new path.

The need for separate disks for transaction logs is minimized if the main storage is already on RAID-10 or SSD, and the I/O channel is not already saturated.

*See https://msdn.microsoft.com/en-us/library/ms189563.aspx. for information about SQL Server filegroups.

**See https://www.postgresql.org/docs/current/static/manage-ag-tablespaces.html for information about PostgreSQL tablespaces.