Manual scans

Manual scan is the process of performing audits on target computers without using agents. To perform a manual scan on a specific computer:

  1. Launch GFI LanGuard.
  2. From the Home tab click Launch a Scan. Alternatively, click the Scan tab.

Manual scan settings

  1. From the Scan Target drop–down menu, select the target computer or group of computers to scan using the following options:
Option Description
Localhost Audit the local host where GFI LanGuard is installed.
Domain: primary domain Audit the entire domain / workgroup of the computer / server where GFI LanGuard is installed.


Optionally, from the computer tree, right-click a computer/computer group and select Scan > Custom Scan.

  1. Click the browse button (...) to define custom rules for adding scan targets.

Custom target properties

Custom target properties

  1. From the Custom target properties dialog, click Add new rule links to create a custom rule for computers you want to scan or exclude from scanning.

Add new rule...

  1. From the Add new rule dialog, select the Rule type described below to add computers:
Rule type Description
Computer name is

Search and add computers by name. Key–in a valid computer name and click Add for each computer. Click OK to apply changes.

Computers file list is

Search and add computers from a text file. Click the browse button and locate the text file. Click OK to apply changes.


When submitting a list of target computers from file, ensure that the file contains only one target computer name per line.

Domain name is Search and add computers that are members of a domain. Select the domains from the list and click OK.
IP address is Search and add computers by IP address. Select This computer to add the local host or Scan another computer to add a remote computer. Key–in the IP address if required and click OK.
IP address range is

Search and add computers within an IP range. Select Scan an IP address range and key in the IP range or select CIDR subnet and key–in the range using CIDR notation.


The Classless Inter–Domain Routing (CIDR) provides an alternative way of specifying an IP address range. The notation is as follows: <Base address> / <IP network prefix>. Example:

Organization unit is Search and add computers within an organizational unit. Click Select and from the list select the Organizational units. Click OK.
  1. Once the rules are added, click OK to close the Add new rule dialog. Click OK to close the Custom target properties dialog and return to the scan settings.
  2. From the Profile drop–down menu, select the scan profile that you want GFI LanGuard to action during the scan. For more information refer to Available Scanning Profiles.
  3. From the Credentials drop–down menu, select the log–on method used by GFI LanGuard to log onto the scan targets. The table below describes the available options:
Option Description
Currently logged on user Use the current logged on user credentials when logging on scan targets.
Alternative credentials Use custom credentials. Key–in the user name and password to use.
A null session Log onto scan targets using a null session. The user will log onto the target machine as an anonymous user.
A private key file

Log onto UNIX/LINUX/MAC machines using SSH. Three elements are required for the login:

  • Username
  • SUDO password
  • path to the file that stores the private key


The credentials provided need to have administrator privileges in order for GFI LanGuard to log–on to the target computers and carry out the network audit.

  1. (Optional) Click Scan Options and configure the options described below:
Option Description
Use per computer credentials when available Login to the target machines using the credentials specified in the DashboardA graphical representation that indicates the status of various operations that might be currently active, or that are scheduled.
Remember credentials Use the configured credentials as default when performing an audit.
Wake up offline computers GFI LanGuard attempts to power on offline computers using Wake-on-LAN. For more information refer to Configuring Wake-on-LAN on scan targets.
Shut down computers after scan Shut down when a scan is complete.
  1. Click Scan to start auditing the selected targets.