Using the Device Scan

Screenshot 28 - GFI EndPointSecurity device scan

Use Device Scan to transparently and rapidly query organizational network endpoints, locating and reporting all devices that are or have been connected to the scan target. The application granularly identifies endpoint devices connected on the target, both currently and historically, and displays the detailed information on screen when the scan is complete.

NOTE 1: The scan target can be any computer on the network, even if it is not included in a GFI EndPointSecurity protection policy.

NOTE 2: The device scan must be executed under an account which has administrative privileges over the scan target.

To carry out a device scan:

1. Click on the Tools tab

2. Click Device Scan

3. In the right pane, specify the scan target

Screenshot 29 - Scan target Credentials

4. In the left pane, click on the ‘Credentials’ link in the ‘Scan Details’ section. Specify the credentials that GFI EndPointSecurity will use to connect to the scan target, and click OK.

NOTE: By default, GFI EndPointSecurity performs the scan using the security context under which it is running (i.e. the credentials of the currently logged on user).

Screenshot 30 - Scan target ports

5. In the left pane, click on the ‘Scan ports’ link in the ‘Scan Details’ section. Specify the device connectivity ports which will be included in the scan.

NOTE: By default, GFI EndPointSecurity scans all supported connectivity ports.

Screenshot 31 - Scan target connectivity ports

6. In the left pane, click on the ‘Scan devices’ link in the ‘Scan Details’ section. Specify the device categories which will be included in the scan.

NOTE: By default, GFI EndPointSecurity scans all supported device categories.

7. In the right pane, click Scan to start the process.

Scan results

Scan results are displayed in two sections:

•

Computers

•	Devices list

Screenshot 32 - Device scan results Computers section

The ‘Computers’ section displays scan summary results, including:

•	The name/IP of the scan target

•	The user currently logged on

•	Protection status, i.e., whether the computer is included in a GFI EndPointSecurity protection policy

•	Total number of devices currently and historically connected

•	Number of devices currently connected.

If the scan target is not included in any GFI EndPointSecurity protection policy, you can choose to deploy a protection policy to the computer. To do this:

Screenshot 33 - Deploy agents

1. Right-click on the computer

2. Select Deploy agent

Screenshot 34 - Select the protection policy to deploy

3. Select the protection policy to deploy. Click Next to continue and Finish to start deployment.

Screenshot 35 - Devices list section

The ‘Devices list’ section displays scan detail results, including:

•	Device name, description and category

•	Connectivity port

•	Connection status, i.e., whether the device is currently connected.

You can select one or more devices from this list and add them to the devices database. This database is used when specifying which devices are to be blacklisted or whitelisted. For information on blacklists and whitelists, refer to the appropriate sections in the ‘Customizing the default protection policy’ chapter.

To add devices to the devices database:

Screenshot 36 - Add device to device database

1. Select one or more devices to add from the ‘Devices list’ section

2. Right-click on the specified devices and select Add to devices database.