02-17-2023 07:17 AM - last edited on 04-02-2024 11:23 AM by Mercedes_O
Hello everyone,
I have read through the available KB articles for LsAgent and installed it on my testing machine in order to get a feel for it. My goal is to present my findings to my customer who is currently scanning agentless through Active Scanning. Unfortunately, there are performance issues and VPN scenarios I hope to remedy with LsAgent.
I have the following questions and would like to ask for documentation regarding them so I can offer a small compendium with the data so the customer's security and IT infrastructure has something to work with.
1. What is the performance impact of LsAgent during scanning? Customer is afraid that the agent is going to drain client machines and making them unusable during the scan. Now my test machine was done so quickly I did not even notice it. But I cannot find any documented facts by Lansweeper. All I could find that the network traffic would take about 40kb per scan.
2. I understand that I will get the same results as I would by scanning agentless. But would I be able to get more data from the machine I would not get by using agentless? I am specifically thinking about application usage tracking and last used dates. Also, what about additional information like Exchange Server Editions? I understand I had to deploy a separate script or something in the past to get that information. Will I be able to get information like through LsAgent without any additional scanning?
3. Upload-Servers: Can I specify multiple scanning servers to upload the results to? I would like to avoid having to deploy different packages for each site or network. If I have separated vlans with a scanning server for each vlan and they cannot talk to each other, will I have to deploy a dedicated LsAgent config each or can I simply supply a list of Scanning Servers the Agent should try to upload to?
4. Can I change the upload server after I have installed the agent? If a DNS name changes for example I would like to let the agent know where to upload the inventory.
5. Will the inventory scanned be stored somewhere on the scanned client or will it be deleted after upload? If so, where could I find it?
6. Is there a best practice proposed by Lansweeper or other customers' experiences regarding when to use the agent instead of agentless scanning?
I think that is it for now. Thanks for your assistance!
Solved! Go to Solution.
02-23-2023 02:48 PM
Hi Dknappe1,
Thank you for posting on the Lansweeper Community!
We have done our best to answer your questions as comprehensive as possible. Please let us know if you have any more questions or concerns.
Performance impact
When the scanning interval of the LsAgent service is triggered, the impact is non-noticeable. Therefore, there are no documented hardware requirements because a scan may take less than a minute.
Results compared to agentless scanning
LsAgent can scan software on the asset. However, it cannot retrieve Exchange Server information like an agentless scan. LsAgent scans information like an agentless Windows asset scan.
Multiple scanning servers
This is dependent upon the configuration of your Lansweeper scanning servers. If each scanner server has a separate database, the specific server should be specified during the installation wizard. It is only possible to specify one server.
Otherwise, if all the scanning servers report to the same database and use one web console, you can configure LsAgent groups per VLAN. (Scanning > LsAgent Scanning) On the configuration tab of a group, you can specify the order in which the scan servers should try to process the LsAgent scans.
(You can find out how your installation is configured in Configuration > Your Lansweeper license. If more than one server is listed next to "Current version," then the second method may be preferable.)
Make configuration changes
We would suggest rerunning the installation wizard to make changes instead of manually doing this.
However, it is possible. The LsAgent configuration consists of two main files:
The scanning server's DNS name or IP address is stored in these files. You can manually modify the "Server=" value in the .ini file. file when the DNS name is ever changed. Additionally, the XML file must be deleted. Otherwise, the service will not use the modified value in the .ini file.
LsAgent data stored on the asset
LsAgent data is not stored on the client. It gets removed immediately after uploading.
LsAgent vs. agentless
LsAgent may be a preferred scanning option if users want to avoid specifying scanning credentials in the Lansweeper web console.
In other cases, LsAgent is most used in environments where assets leave the network of the Lansweeper scanning server. Through our LsAgent relay hosted in the cloud, LsAgent scans still have a way to provide data to the Lansweeper server.
04-06-2023 08:32 PM
I worked with Lansweeper support and received a resolution for my questions. Here is the answer to my questions from the previous reply:
============
When an asset with LsAgent installed on it does it's first check-in, wether directly to the scanserver or to the Cloud Relay, it will download the configuration and create a file in the Program Files (x86)\LansweeperAgent folder called lsagentconfiguration.xml. In this XML file will be your scanservers that you have configured, along with the relay key for your Cloud Relay, and this file is updated everytime that the LsAgent service connects to your scanservers or Cloud Relay. The end result of this is that your assets, when they connect, will be aware of your configuration and where to send their scanfiles every time.
04-04-2023 02:00 PM
Hi tsconard,
If you still need help setting this up, please contact our Support Team using the instructions on this page: https://www.lansweeper.com/contact-support/
02-23-2023 02:48 PM
Hi Dknappe1,
Thank you for posting on the Lansweeper Community!
We have done our best to answer your questions as comprehensive as possible. Please let us know if you have any more questions or concerns.
Performance impact
When the scanning interval of the LsAgent service is triggered, the impact is non-noticeable. Therefore, there are no documented hardware requirements because a scan may take less than a minute.
Results compared to agentless scanning
LsAgent can scan software on the asset. However, it cannot retrieve Exchange Server information like an agentless scan. LsAgent scans information like an agentless Windows asset scan.
Multiple scanning servers
This is dependent upon the configuration of your Lansweeper scanning servers. If each scanner server has a separate database, the specific server should be specified during the installation wizard. It is only possible to specify one server.
Otherwise, if all the scanning servers report to the same database and use one web console, you can configure LsAgent groups per VLAN. (Scanning > LsAgent Scanning) On the configuration tab of a group, you can specify the order in which the scan servers should try to process the LsAgent scans.
(You can find out how your installation is configured in Configuration > Your Lansweeper license. If more than one server is listed next to "Current version," then the second method may be preferable.)
Make configuration changes
We would suggest rerunning the installation wizard to make changes instead of manually doing this.
However, it is possible. The LsAgent configuration consists of two main files:
The scanning server's DNS name or IP address is stored in these files. You can manually modify the "Server=" value in the .ini file. file when the DNS name is ever changed. Additionally, the XML file must be deleted. Otherwise, the service will not use the modified value in the .ini file.
LsAgent data stored on the asset
LsAgent data is not stored on the client. It gets removed immediately after uploading.
LsAgent vs. agentless
LsAgent may be a preferred scanning option if users want to avoid specifying scanning credentials in the Lansweeper web console.
In other cases, LsAgent is most used in environments where assets leave the network of the Lansweeper scanning server. Through our LsAgent relay hosted in the cloud, LsAgent scans still have a way to provide data to the Lansweeper server.
03-21-2023 05:12 PM
Hello Thibo & co. Regarding the "multiple scanning servers" section of your reply, point #11 on this article (Installing LsAgent on a Windows computer - Scanning your network - Lansweeper Community) describes this.
However, I am left uncertain about how this works. I am setting up a new Lansweeper installation (new customer) and I have considered using a round-robin DNS record for the --server parameter when doing my silent LsAgent installation. If this unnecessary if multiple scan servers are set up and the LsAgent groups are configured correctly?
If unnecessary, how does a client running LsAgent have awareness of the other scan servers that were not defined in its --server parameter (from when it was originally installed?)
Example:
Scan server #1 = LSscan1.domain.com
Scan server #2 = LSscan2.domain.com
LsAgent on workstation1 was installed with --server LSscan1.domain.com
If LSscan1.domain.com is down, how does the client know of the existence of LSscan2?
Thanks!
04-06-2023 08:32 PM
I worked with Lansweeper support and received a resolution for my questions. Here is the answer to my questions from the previous reply:
============
When an asset with LsAgent installed on it does it's first check-in, wether directly to the scanserver or to the Cloud Relay, it will download the configuration and create a file in the Program Files (x86)\LansweeperAgent folder called lsagentconfiguration.xml. In this XML file will be your scanservers that you have configured, along with the relay key for your Cloud Relay, and this file is updated everytime that the LsAgent service connects to your scanservers or Cloud Relay. The end result of this is that your assets, when they connect, will be aware of your configuration and where to send their scanfiles every time.
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now