File System Scanner Agent Configuration - Windows

  • Published on Oct 23, 2025
  • 3 minute(s) read
Prev Next

1.0 Introduction

This article describes the minimum configuration requirements needed to successfully scan file system resources in an on-premises environment using the File System Scanner Agent on the Windows platform.

It also describes:

  • How to install the File System Scanner Agent.

  • How to configure the scanner through the configuration file parameters.

  • How to execute the File System Scanner Agent.

For detailed information on the File System infrastructure, refer to File System.

2.0 Scanning Permissions

For detailed information on on-premises connection scanning permissions, refer to On-premises Connection Permissions.

3.0 Prerequisites

The following are the prerequisites to configure a File System Scanner Agent on the Windows platform:

  • Fortanix On-premises Scanner: Ensure that the Fortanix On-premises Scanner ( fortanix-scanner ) package, which acts as the central service, is installed, configured, and running. It communicates with Fortanix Key Insight and with the File System Scanner Agents. When the file system scanning service (fs_accumulator) is enabled, this package starts a local HTTPS server to receive data from the agents.

    For detailed information on Fortanix On-premises Scanner installation and configuration, refer to On-premises Scanner Configuration.

  • Server Specifications

    • The server hosting the scanner must have at least 2 virtual Central Processing Units (vCPUs) allocated.

    • The server must have a minimum of 8 GB of Random Access Memory (RAM) to support the scanner.

    • The server should have at least 20 GB of storage capacity for temporarily storing scanned data.

  • Operating System and Libraries

    • Supported operating systems include Windows Server 2016, 2019, and 2022.

  • Network Requirements

    • Outbound (File System Scanner Agent → Fortanix On-premises Scanner):

      File System Scanner Agent must be able to establish Transmission Control Protocol (TCP) connections to the Fortanix On-premises Scanner’s host and port, as defined in the configuration file.

    NOTE

    The File System Scanner Agent does not expose any ports. It only initiates outbound connections to the fortanix-scanner service.

4.0 File System Scanner Agent Installation

You must install the File System Scanner Agent package on a Windows machine to manage your File System resources on Windows.

NOTE

You must start the fortanix-scanner service before executing the File System Scanner Agent. If the fortanix-scanner service is not running, the File System Scanner Agent will fail with an error when attempting to register a new scan.

Perform the following steps:

  1. Download and open the Microsoft Installer File (msi) file.

  2. On the Fortanix KI Filesystem Scanner Setup dialog box, read through the scanner license agreement and select the check box to accept the terms.

    Figure 1: Install the Scanner Package

  3. Click Install to proceed with the installation.

  4. After the installation completes, click Finish to close the installer. The scanner is installed in the default directory, C:\Program Files\Fortanix\KI\.

  5. Generate the scanner configuration file as described in Section 5.0: File System Scanner Agent Configuration with the details specific to Windows.

  6. Start the scanning process as described in Section 6.0: Run the File System Scanner Agent.

NOTE

To upgrade the package on Windows, download the latest installer (.msi) and run it. The installer automatically replaces the previous version and no manual uninstallation is required.

5.0 File System Scanner Agent Configuration

For detailed information on how to configure the File System Scanner Agent for the Windows platform, refer to File System Scanner Agent Configuration File.

6.0 Run the File System Scanner Agent

After the File System Scanner Agent is configured, it must be run from an elevated Command Prompt or PowerShell session as Administrator.

Perform the following steps to execute the File System Scanner Agent:

  1. Open the command prompt and run the following command to navigate to the scanner installation directory:

    cd "C:\Program Files\Fortanix\KI"

  2. Run the following command to execute the scanner:

    FortanixFSScanner.exe start --config-file <path-to-config.yaml>

    Where, <path-to-config.yaml> is the full path to your scanner configuration file. For example: C:\Program Files\Fortanix\KI\conf\config.yaml.

NOTE

  • After you start the File System Scanner Agent, any changes made to the scanner configuration file require a restart of the scanner to apply the latest updates.

  • If the scan is interrupted or closed, the next scan will start from the beginning.

  • To stop the scanner when running in Command Prompt, press Ctrl + C in the same console window.

7.0 Troubleshooting

Refer to On-premises Connection Troubleshooting for guidance on troubleshooting steps for common issues encountered while configuring and running Fortanix Key Insight in on-premises environments.