
Remote/Agent-less Scan – Requirements (Windows)

If you prefer to scan without installing the Software Vulnerability Manager Agent (Agent-less scans), the following requirements must be met on the target hosts:

  • Ports 139/TCP and 445/TCP open inbound (on hosts)
  • File sharing enabled on hosts
  • Easy/simple file sharing disabled
  • Windows Update Agent 2.0 or later

Required Windows services started on hosts:

  • Workstation service
  • Server service
  • Remote Registry service (disabled by default on Win7/Vista)
  • COM+ services (COM+ System Application: Set to Automatic)

In order for a remote/Agent-less scan to succeed, the user executing the scan – whether that’s the user running the Software Vulnerability Manager console or the user for the service running the network appliance – must have local administrative privileges on the scanned hosts.

When performing Remote/Agent-less scans, the result may be displayed as Partial in the Completed Scans page. This is caused by the Windows Firewall default settings that block the RPC dynamic ports.

On the host, in Windows Firewall, the user should create an inbound rule to allow inbound traffic for all products that use RPC dynamic ports.

To create the rule:

  1. From Windows Control Panel (View by Category) > System and Security > Windows Firewall, select Advanced settings
  2. Select Inbound Rules in the Windows Firewall with Advanced Security on Local Computer pane and then select New Rule in the Actions pane
  3. The New Inbound Rule wizard opens
  4. Select Custom rule and click Next
  5. Select All programs and click Next
  6. In the Protocol and Ports window:
  7. From the Protocol type: drop-down list, select TCP
  8. From the Local port: drop-down list, select RPC Dynamic Ports
  9. Click Next until the Profile window appears
  10. Clear Private and Public, select Domain and click Next
  11. Give the rule a name, for example: Software Vulnerability Manager
  12. Click Finish

Once you have created the rule, use the Software Vulnerability Manager console to perform a remote scan of the PC. The host will connect to Windows Update and the scan status should be displayed as Success in the Completed Scans page.
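The host-side requirements and the firewall rule above can also be checked and applied from an elevated PowerShell prompt. The script below is an added example, not vendor-supplied code. It assumes the NetSecurity and NetTCPIP modules (Windows 8 / Server 2012 or later), and `$ScannerAddress` is a hypothetical optional parameter that limits the rule to the scanning machine; its default of `Any` matches the wizard steps.

```powershell
#Requires -RunAsAdministrator
# Added example: run on the host that will be scanned. Not vendor-supplied code.
param(
    # Rule name taken from the example in step 11 of the procedure.
    [string]$RuleName = 'Software Vulnerability Manager',
    # Assumption: optionally limit the rule to the scanner's address.
    # 'Any' reproduces what the wizard steps create.
    [string]$ScannerAddress = 'Any'
)

# Services the page lists as required, keyed by Windows service name.
$required = [ordered]@{
    LanmanWorkstation = 'Workstation'
    LanmanServer      = 'Server'
    RemoteRegistry    = 'Remote Registry'
    COMSysApp         = 'COM+ System Application'
}
foreach ($name in $required.Keys) {
    $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
    if (-not $svc) {
        Write-Warning "$($required[$name]) service not found"
        continue
    }
    if ($svc.Status -ne 'Running') {
        Write-Warning "$($required[$name]) is $($svc.Status) (start type: $($svc.StartType))"
    }
}

# Ports 139/TCP and 445/TCP must accept inbound connections on the host.
$listening = @(Get-NetTCPConnection -State Listen -LocalPort 139, 445 -ErrorAction SilentlyContinue |
    Select-Object -ExpandProperty LocalPort -Unique)
foreach ($port in 139, 445) {
    if ($listening -notcontains $port) {
        Write-Warning "Nothing is listening on TCP $port"
    }
}

# Inbound allow rule: all programs, TCP, RPC Dynamic Ports, Domain profile only.
if (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue) {
    Write-Output "Firewall rule '$RuleName' already exists; leaving it unchanged."
} else {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Action Allow `
        -Protocol TCP -LocalPort RPC -Profile Domain -RemoteAddress $ScannerAddress |
        Select-Object DisplayName, Enabled, Profile, Direction, Action
}
```

The script only reports missing prerequisites as warnings; it does not start services or change their start type.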