Before installing PII Scanner, confirm that your environment meets the following requirements for both the PII Scanner Server and the PII Scanner Agent components.
PII Scanner Server requirements:
| Requirement | Details |
| Operating System | Windows Server 2019 or newer, or Linux (systemd) |
| RAM | 2 GB minimum, 4 GB recommended |
| Disk Space | 10 GB minimum for logs and database |
| Network โ Inbound | HTTP on port 52765, HTTPS on port 52766 |
| Network โ Outbound | Access to LT Auditor-MP syslog receiver |
| Privileges | Local administrator privileges required for installation |
| LT Auditor-MP | Server must be installed and running |
PII Scanner Agent requirements:
| Requirement | Details |
| Operating System | Windows or any system capable of running Python |
| Python | 3.8 or newer (if running from source) |
| Network โ Outbound | HTTPS access to the PII Scanner Server on port 52766 |
| Permissions | Read access to all file systems and paths to be scanned |
Network requirements:
| Port | Protocol | Direction | Purpose |
| 52765 | HTTP | Inbound to server | PII Scanner Server web UI (non-secure) |
| 52766 | HTTPS | Inbound to server | PII Scanner Server web UI and agent communication (recommended) |
| 514 | UDP/TCP | Outbound from server | Default syslog forwarding to LT Auditor-MP |
| 6514 | TCP/TLS | Outbound from server | Secure syslog forwarding to LT Auditor-MP |
[Your administrator should confirm the exact ports required in your environment and ensure firewall rules are in place before proceeding with installation.]
Download packages:
Two separate installation packages are required โ one for the PII Scanner Server and one for the PII Scanner Agent:
| Package | Platform | Purpose |
| LTA_PII_Scanner.msi | Windows | PII Scanner Server installation |
| Linux_install.sh | Linux | PII Scanner Agent installation on Linux |
| Install-LTAPiiAgentService.ps1 | Windows | PII Scanner Agent installation on Windows |
[Your administrator should confirm where to obtain the current installation packages for your environment.]
SSL certificate considerations:
The PII Scanner Server automatically generates a self-signed TLS certificate during installation. The following certificate artifacts are created:
| File | Purpose |
| scanner.pfx | Server TLS certificate used for HTTPS and agent communication |
| scanner.cer | Public certificate file โ must be distributed to agent machines when using self-signed certificates |
The certificate password is stored in the machine-level environment variable:
LTASCANNER_CERT_PASSWORD
For production deployments, Blue Lance recommends replacing the self-signed certificate with a certificate issued by a trusted Certificate Authority (CA).
[Your administrator should decide on the certificate approach โ self-signed or CA-issued โ before beginning installation.]
LT Auditor-MP requirements:
| Requirement | Details |
| LT Auditor-MP Server | Must be installed and running |
| Syslog Listener | Must be active and configured to receive PII Scanner forwarded events |
[Your administrator should confirm the LT Auditor-MP syslog listener port and protocol before configuring targets in PII Scanner.]
Prerequisites checklist:
- [ ] PII Scanner Server machine meets OS, RAM, and disk space requirements
- [ ] Required firewall ports are open โ inbound on 52765/52766, outbound to LT Auditor-MP syslog port
- [ ] LT Auditor-MP server is installed and running with syslog listener active
- [ ] All installation packages are available
- [ ] SSL certificate approach is decided โ self-signed or CA-issued
- [ ] Agent machines have read access to all file system paths to be scanned
- [ ] Local administrator credentials are available on the server installation machine
[Your administrator should complete this checklist before proceeding to the installation articles.]