Enterprise Server contains the Network Scanner component.
|
It is not recommended to launch the Network Scanner under Windows 2000 and earlier operating systems due to possible insufficiencies of network review. The functioning of the Network Scanner is guarantied under UNIX system-based operating systems and Windows XP or later Microsoft Windows operating systems.
The Network scanner requires Dr.Web Browser-Plugin. |
Network Scanner provides the following functions:
◆Scan (browse) the network for workstations.
◆Detect Enterprise Agents on stations.
◆Install Enterprise Agent on the detected stations as instructed by the administrator. Enterprise Agent installation is described in detail in p. Installing the Dr.Web Enterprise Agent Software through the Dr.Web Control Center.
To scan (browse) the network
1.Open the Network Scanner window: select the Administration item in the main menu of the Dr.Web Control Center and select Network Scanner item in the control menu.
2.If necessary, set the Quick scan flag for express scanning.
3.In the Networks field specify networks in the following format:
◆with a hyphen (for example, 10.4.0.1-10.4.0.10)
◆separated by a comma with a whitespace (for example, 10.4.0.1-10.4.0.10, 10.4.0.35-10.4.0.90)
◆with a network prefix (for example, 10.4.0.0/24).
4.Specify the port to connect with the Agent.
5.If necessary, change the value of timeout in seconds, which defines time limit for receiving an answer from inquired stations.
6.Set the Show the station name flag to display either IP address and DNS name of found network stations.
If a station is not registered at DNS server, only its IP address displays.
7.Set the Correlate with stations list from database flag to enable synchronization of Network Scanner search results with the stations list stored at the Server DB. If the flag is set, the list of found network stations contains stations from the Server DB list that are not found by the Network Scanner during current search, e.g. if a firewall installed at stations blocks the transfer of packets needed to establish a TCP connection.
During synchronization of Network Scanner search results with Server DB data, the Server DB data has priority, i.e. if station statuses from search results and from DB are differ, the status from DB is set.
8.Click the Scan button to launch network scanning.
9.The catalog (hierarchical list) of computers demonstrating where the Dr.Web ESS anti-virus software is installed will be loaded into this window.
Unfold the catalog elements corresponding to workgroups (domains). All elements of the catalog corresponding to workgroups and individual stations are marked with different icons the meaning of which is given below.
Icon |
Meaning |
|---|---|
Workgroups |
|
|
The work groups containing inter alia computers on which the Dr.Web ESS anti-virus software can be installed. |
|
Other groups containing protected or unavailable by network computers. |
Workstations |
|
|
The detected station is registered in the DB and active (i.e. the workstation with installed anti-virus software). |
|
The detected station is registered in the DB as deleted (i.e. the workstation is listed in the table of deleted stations). |
|
The detected station is not registered in the DB (i.e. there is no anti-virus software on the station). |
|
The detected station is not registered in the DB (the station is connected to another Server). |
|
The detected station is registered in the DB, bus it is not active and the port is closed. |
You can also unfold catalog items corresponding to computers with the 
or 
icon, and check which program components are installed there.
Click the 
icon of component at the station, connected to this Server, to open component settings window.
Interaction with Dr.Web Enterprise Agents
Network Scanner has been included in Dr.Web ESS starting from version 4.44.
|
Network Scanner can detect the Agents of version 4.44 and older but cannot interact with Agents 4.33. |
Enterprise Agents 4.44 and older installed on protected stations process respective calls of Network Scanner received at a certain port. By default port udp/2193 is using, but also port udp/2372 is supported for compatibility with older versions. Correspondingly, it is the default port offered by the Scanner to call at. Network Scanner decides whether there is an Agent on the workstation based on the assumption of the possibility to exchange information with the station (request-response) through the specified port.
|
If the station is forbidden (for example, by a firewall) to accept packages at udp/2193, the Agent will not be detected and consequently Network Scanner considers that there is no Agent installed on the station. |
If the Quick scan option is enabled, the following actions will be performed:
1.Ping requests are sent to network computers.
2.The parallel poll for Agents detection is performed only for computers which has answered to ping requests.
3.Agents detection procedure is implemented according to general rules.
|
Ping requests can be blocked because of network policies (e.g. by firewall settings). For example: If in Windows Vista and later OS network settings the Public location options is set, OS will block all ping requests. |
During regular scanning, ping requests are not sent and all stations in the network are sequentially scanned to detect Agents. This method can be used as an addition to quick scan, if there are stations in the network, whereon ping requests are blocked.
Quick scan is parallel, regular scan is sequential.
The Network scanner operating speed is different for these cases. Maximal scanning time is calculated in the following way:
◆for regular scan: <N> * <timeout>,
◆for quick scan: <N>/40 + 2*<timeout>,
where: <N> - stations quantity, <timeout> - value, specified in the Timeout field.