Unlock enhanced API scanning with Burp Suite Enterprise Edition  –  Learn more

Enterprise Edition

Architecture overview (Standard)

  • Last updated: March 27, 2024

  • Read time: 2 Minutes

The following diagram shows the core components of Burp Suite Enterprise Edition and the connections between them.

Burp Suite Enterprise Edition architecture

Enterprise server

The Enterprise server is the main application server. It coordinates between the other components. The Enterprise server is always installed on the same machine as the web server.

Web server

The web server provides the interface to users either via the web UI or one of the APIs. The web server is always installed on the same machine as the Enterprise server.

Database

Burp Suite Enterprise Edition uses a SQL database to store all the application data, including scan data. You can use one of the following options:

  • An embedded database that can be installed on the same machine as the Enterprise server and web server. The embedded database is designed for trials and evaluations of Burp Suite Enterprise Edition. It is not intended for production use. For production use, we recommend that you use your own external database.
  • Your own external database. We recommend using an external database for production use. This option enables you utilize any existing database infrastructure that you have, including database backups.

Services

Burp Suite Enterprise Edition installs the following services on your machine:

  • burpsuiteenterpriseedition_agent.service
  • burpsuiteenterpriseedition_enterpriseserver.service
  • burpsuiteenterpriseedition_webserver.service
  • burpsuiteenterpriseedition_db.service *

* burpsuiteenterpriseedition_db.service is only installed if you're using an embedded database rather than your own external one.

Read more

Scans and scanning machines

For standard instances, scans run on a scanning machine. You can install the scanning component on the same machine as the server, or you can deploy external scanning machines on which your scans can run.

The number of scanning machines you need depends on how many concurrent scans your organization wants to run:

  • For up to five concurrent scans, we recommend a single-machine architecture. In this setup, scans run on the machine that the Enterprise server is installed on. This is the simplest deployment method.
  • For more than five concurrent scans, we recommend a multi-machine architecture. In this setup, scans run on dedicated scanning machines, offering a more scalable solution in which you could potentially run any number of concurrent scans.

After deployment, you can group scanning machines into scanning pools, which gives you greater control over scanning resources.

Next step - Single vs. multi-machine architecture

Was this article helpful?