Manual scans

Manual scan is the process of performing audits on target computers without using agents. To perform a manual scan on a specific computer:

1. Launch GFI LanGuard.
2. From the Home tab click Launch a Scan. Alternatively, click the Scan tab.

Manual scan settings

3. From the Scan Target drop–down menu, select the target computer or group of computers to scan using the following options:

Option	Description
Localhost	Audit the local host where GFI LanGuard is installed.
Domain: primary domain	Audit the entire domain / workgroup of the computer / server where GFI LanGuard is installed.

4. Click the browse button (...) to define custom rules for adding scan targets.

Custom target properties

5. From the Custom target properties dialog, click Add new rule links to create a custom rule for computers you want to scan or exclude from scanning.

Add new rule...

6. From the Add new rule dialog, select the Rule type described below to add computers:

Rule type	Description
Computer name is	Search and add computers by name. Key–in a valid computer name and click Add for each computer. Click OK to apply changes.
Computers file list is	Search and add computers from a text file. Click the browse button and locate the text file. Click OK to apply changes. NOTE When submitting a list of target computers from file, ensure that the file contains only one target computer name per line.
Domain name is	Search and add computers that are members of a domain. Select the domains from the list and click OK.
IP address is	Search and add computers by IP address. Select This computer to add the local host or Scan another computer to add a remote computer. Key–in the IP address if required and click OK.
IP address range is	Search and add computers within an IP range. Select Scan an IP address range and key in the IP range or select CIDR subnet and key–in the range using CIDR notation. NOTE The Classless Inter–Domain Routing (CIDR) provides an alternative way of specifying an IP address range. The notation is as follows: <Base address> / <IP network prefix>. Example: 192.168.0.0/16
Organization unit is	Search and add computers within an organizational unit. Click Select and from the list select the Organizational units. Click OK.

7. Once the rules are added, click OK to close the Add new rule dialog. Click OK to close the Custom target properties dialog and return to the scan settings.
8. From the Profile drop–down menu, select the scan profile that you want GFI LanGuard to action during the scan. For more information refer to Available Scanning Profiles.
9. From the Credentials drop–down menu, select the log–on method used by GFI LanGuard to log onto the scan targets. The table below describes the available options:

Option	Description
Currently logged on user	Use the current logged on user credentials when logging on scan targets.
Alternative credentials	Use custom credentials. Key–in the user name and password to use.
A null session	Log onto scan targets using a null session. The user will log onto the target machine as an anonymous user.
A private key file	Log onto UNIX/LINUX/MAC machines using SSH. Three elements are required for the login: Username SUDO password path to the file that stores the private key

10. (Optional) Click Scan Options and configure the options described below:

Option	Description
Use per computer credentials when available	Login to the target machines using the credentials specified in the DashboardA graphical representation that indicates the status of various operations that might be currently active, or that are scheduled.
Remember credentials	Use the configured credentials as default when performing an audit.
Wake up offline computers	GFI LanGuard attempts to power on offline computers using Wake-on-LAN. For more information refer to Configuring Wake-on-LAN on scan targets.
Shut down computers after scan	Shut down when a scan is complete.

11. Click Scan to start auditing the selected targets.