Although GFI allocates testing time for performance issues in an effort to optimize the scan process, in certain cases the target computer is connected via slow network connections such as the internet or a VPN. In such situations scanning on GFI LanGuard might take considerably longer than normal to complete.
This article provides recommendations for performing scans over a slow network connection.
- It is possible to perform a scan over a WAN or slow network; however, when using a slow connection, it is not recommended to use the Default Scanning Profile. In such cases, it would be advisable to create a new scanning profile that would scan for specific checks. Alternatively, use any of the other predefined scanning profiles that ship with GFI LanGuard.
- Before performing a scan:
- Go to Configuration > Scanning Profiles > Scanning Profile Editor.
- Optimize the respective scan profile as effectively as possible. Edit the following information on the Scanning Profile:
- Disable all vulnerability checks which do not apply to your environment.
- Disable scanning for all patches which are not considered as Critical or Important to your organization.
- Go through each section under Network and Software Audit Options and disable all checks which are not applicable for your environment or are not of interest; e.g., device scanning or certain system information.
- Under Scanner Options, increase all timeout values depending on your network and experiences with GFI LanGuard; e.g., increase the 'Network discovery query responses timeout' value to 1000ms
- Schedule the GFI LanGuard scans for a time where the network load is low; e.g., during lunch breaks or after working hours.
- Consider dividing scans into more frequent, smaller scans. These could each check for a different set of information.
- It is not recommended to auto-deploy any Microsoft updates or patches over slow networks.