Different Modes of Scan - Pros and Cons

 

This document discusses the pros and cons of different scanning modes.

 

 

Agent Based Scan

 

Out of all the scanning methods, the Agent based scan is most effective and recommended mode of scan. The application provides an agent, which when deployed in the network workstations, scans the workstation details and also provides easy access for remote assistance.

Pros:

  1. Only one port is required during scan, which can be configured under Admin -> Agent Settings -> Agent Configuration -> Agent Port.
  2. Performs scan on system boot up and pushes the data to AssetExplorer application.
  3. The data transfer in agent scan is very minimal compared to agentless scan and even more less when compared to Delta Scan (difference in data between two subsequent scans is fetched). Hence the bandwidth usage for subsequent scans is minimal.
  4. Quick access to the remote machine on performing Remote Control.
  5. Easy to deploy agent through the Active Directory.
  6. Dependencies over DCOM and RPC settings are eliminated.
  7. Once the agent is installed in all the machines, you can scan those machine from Linux server.
  8. The Agent performs read only operations.

 

Cons:

  1. Agent should be upgraded if the version is changed. This can be performed from the Active Directory.

 

 

Script based Scan

 

Script based scan are for workstation and services that are not part of any domain/network. The method involves the use of a script to scan remote machines and push the inventory details to the server.

 

Pros:

  1. The machines are scanned during system startup and the data are pushed to the AssetExplorer server through HTTP. Opening additional ports is not required as the default web port is enough.
  2. Dependencies over DCOM and RPC settings are eliminated.
  3. Setting up is quick and easy as it can be configured as start up/log on script in the Active Directory.
  4. Scans machines that are offline.

 

Cons:

  1. Does not support HTTPS.
  2. Scheduling Scan at periodic intervals is not possible.
  3. Scanning devices that are part of a workgroup is complex.

 

 

Agentless Scan

 

The Agentless mode uses a built-in agent such as WMI (Windows Management Instrumentation) installed in each Windows machines to scan the inventory details and to access the workstation remotely.

 

Pros:

  1. Does not involve an agent to be installed, upgraded and maintained in each workstation.

Cons:

  1. The DCOM and RPC settings should be configured.
  2. More number of ports used when compared with agent mode. The ports are: TCP/135,TCP/445 and TCP/1024 (random port).
  3. AssetExplorer server should be installed in a Windows machine to scan windows workstations/servers.
AssetExplorer - Asset Management Software

Copyright © 2011, ZOHO Corp. All Rights Reserved.
ManageEngine