Skip to main content

Scan method selection

The choice of scan method depends primarily on the capabilities of the operating system of the scanned computer. The following table lists the possible scan methods.

Scan methodDescription
automatically (default)

This option is a combination of the Autonomous Agent, MS SCCM, and without Agent options. Autonomous Agent is the preferred method of discovery. The other scan methods are tried only when the Autonomous Agent has not contacted the Alvao REST API for 7 days. If the Microsoft Intune Connector module is available, the PC tries the MS SCCM method of scan first. If this fails, it tries the connection by pinging the remote PC. If there is no Agent on the remote computer, Collector attempts to perform discovery without an Agent.

Autonomous Agent

The agent periodically asks the Alvao REST API whether to perform discovery and whether to scan HW or SW. By default, the Agent polls every 2 hours. If the REST API requests a scan, the Agent creates a scan (CXM file) and sends it to the REST API. If the scan fails to be sent, the Agent tries again (by default every 15 minutes).

If using the Agent, we recommend using this scan method.

Pros:

  • Scanned stations can be anywhere outside the corporate network, communication is via the Internet.
  • Low network traffic - data sent is compressed.
  • No need to enable the port in the station's firewall - communication is via the standard HTTP/HTTPS protocol.
  • Eliminated risk of bad computer scan due to outdated DNS records.
  • Scans are performed in parallel.

Cons:

  • Immediate scan cannot be performed (Agent contacts Alvao REST API at certain intervals)
  • Need to install Agents and distribute Alvao REST API url settings.
MS SCCM

This option is only available with the ALVAO Endpoint Management Connectors module.

Collector reads hardware and software data on the computer using the set connections to SCCM. The computer searches through all connections one by one until it finds it. This eliminates the need to install agents on the target computers, nor is there a need to set user permissions to access WMI, the remote registry, and hard drives.

Pros:

  • HW/SW data is quickly retrieved from SSCM

Cons:

  • Alvao cannot control how old the data is in SCCM.
  • Scans are sequential.
manually

Collector does not process requests with this scan method. You must perform the scan manually on the scanned machine by running AMAgent.exe. The program will generate files with the .cxm extension, which you can then load into the AM Console using the Tools - Scan - Load from file.

Use this scan option even for computers that cannot be scanned (Linux, Apple, etc.).

without Agent (deprecated)

This option comes from older versions of the system and is replaced by automatically.

This scan method can only be used on computers running Windows 2000 and above. There is no need to install Agent on scanned computers. Scan is performed using DCOM, WMI and remote registry access.

Administrator rights are required for following services on the computers: WMI, remote registry, administrative access to hard drives (computer name).

In a standard Windows Network Domain environment, to meet this condition, all you need to do is enable the "RemoteAdmin" service in bulk on computers using Group Policy in the firewall.

Pros:

  • No need to install Agents on scanned stations.
  • Great network communication - data is not compressed during scan.

Cons:

  • Risk of another machine being scanned due to bad DNS entries.
  • Sometimes it is problematic to set up the scanned computer so that agentless scan works.
  • Scans are sequential.

You can also scan computers and devices with the Microsoft Intune Connector and the ALVAO SNMP Network Discovery module.

By default for all computers (in global scan settings) the scan method is set to automatic, which suits scan using the Autonomous Agent. For computers that are not connected to the network and for un-scannable computers, set the scan method manually.

warning

In "Agentless" mode, if computers are scanned that are split by an internal firewall on the network and yet are in the same domain, the following ports need to be enabled on the firewall:

  • WMI - port 135 + <a random port from the dynamic TCP range>, this varies by OS:
  • 1024-5000 (Windows 2000, Windows XP, and Windows Server 2003)
  • 49152-65535 (Windows Vista and above, Windows Server 2008 and above)
  • Remote registry - port 445
  • Administrative Disk Sharing - ports 135-139 and 445.

See more articles:

Windows Network Services Overview and Ports

Setting up a fixed port for WMI

Scan method by computer operating system

We recommend that computers that are connected to a computer network be scanned as follows, depending on the operating system.

  • Windows 2000 and above - scan method: automatic - Collector can scan data using standard operating system components. There is no need to install Agent on the stations.

If you choose to install the Agent, you must be running Windows 7 or higher.

  • Other operating systems - scan method: manually - computers with other operating systems, such as Linux or Apple computers, cannot be automatically scanned. Select the scan method manually for these. The necessary data must be entered into the system manually, see Inserting computers that cannot be scanned.