The user launches the search job through the Client Console (from a computer with the protection installed).
Job status: On hold
The computer that performs the search downloads the search command from the server. The server becomes aware of the action and changes the job status.
Job status: Starting
The computer that performs the search calculates the priority of the new job in relation to other jobs that might also be waiting to be run. The new job waits its turn according to the priority queue.
Job status: Starting
The computer that performs the search checks to see if it fulfills the requirements to run the job.
Job status: Starting
A message is sent to the server indicating that the job has started running.
Job status: In progress
The computer that performs the search starts scanning the network for the relevant computers.
Job status: In progress
Getting a list of computers:
By IP address (Ranges of IP addresses and subnet)
The system pings each IP address using the ICMP protocol
It waits for a response to the pings
It tries to resolve the names of the IP addresses that respond
By domain
A list is made of all the computers that belong to the domain
Checking to see if the computers on the list have the agent installed
A message is sent to the agent
The system waits for the response
Generating a computer list and sending the results to the server.
The computer that performs the search sends the server a list of all the unprotected computers on the network, even though the list may not have changed from the one previously sent from the same computer.
This list contains:
Computers without an agent installed.
Computers integrated into another client.
It is not possible to communicate with agents from other clients, therefore no response is received and the system understands the computer is unprotected.
Computers with an agent version prior to 5.05.
The agent on these computers cannot respond to search messages, and so they are considered unprotected.
Computers with an agent version 5.05 or later, which haven’t responded to the search message in due time. The wait time for a response is = 3 sec (wait factor)* Number of computers that responded to the ICMP ping+30 sec (security margin).
Blacklisted computers (provided they have an agent version 5.05 or later and are integrated into the client’s console) are not considered as unprotected computers and will NOT appear as the result of the search job.
The following information is obtained about each unprotected computer found:
IP address.
Computer name, if the computer that performed the search could resolve it.