Showing results for 
Show  only  | Search instead for 
Did you mean: 
Lansweeper Employee
Lansweeper Employee

Why use a Scanning Agent

Lansweeper can scan the entire IT environment without agents, as you have learned in previous chapters. However, some assets may be difficult to reach due to various factors, such as:

  • Mobility and location of devices (e.g., remote laptops out on the road, home offices, devices at remote locations
  • Segmented machines in protected zones (DMZs)

With Lansweeper, you do not have to make the choice to only use agentless or agent-based scanning. Both methods can be used together for more comprehensive scanning.

LsAgent: Discover Hard-to-Reach Devices

LsAgent is Lansweeper's agent-based scanning method used for keeping track of difficult-to-scan devices, without depending on credentials, requirements or firewall changes. LsAgent is installed locally on devices, gathers local asset data and sends it back to the Lansweeper installation, using either a direct connection with the customer's installation or through Lansweeper's cloud-hosted relay service. The relay encrypts and stores the data in a hyper-secure environment, where the Lansweeper installation can fetch it.

Both methods (sending to your local installation and through Lansweeper’s cloud-hosted relay service) can be used at the same time. This provides flexibility for those remote users who may come into the office on occasion.

LsAgent is not limited to run only on Windows. Supported operating systems include:

  • Windows
  • Linux flavors
  • Apple Mac devices

​​However, LsAgent cannot be used to deploy any applications.


LsAgent Only

LsAgent can also be exclusively used for scanning your environment. Maybe you have a policy restricting you from entering credentials into Lansweeper. LsAgent will help you scan your assets and maintain your inventory. This is not a recommended solution as you will not be able to discover and deep scan your assets on your network. This method will only allow you to scan inventory you know already exists and you lose the power of Lansweeper’s discovery capabilities. The Agent can only be installed on Windows/Unix and MAC, so you cannot discover network assets with it.

If this is your only option, it is recommended that you enable Asset Radar so you can maintain visibility in your network.

To learn more about LsAgent, you can visit these pages:

  1. 📗LsAgent scanning feature explained
  2. ☝️How to use LsAgent
  3. ☝️How to deploy Ls with Intune
  4. 📚Use case: Governing Remote work


LsPush: Scanning Agent for Windows

LsPush is Lansweeper's legacy agent, created before LsAgent. LsPush must be executed on a Windows device and only works on Windows devices.

The most common use case for LsPush is in a production environment using older Windows systems, where there’s no possibility to install LsAgent.

The other is using LsPush in a GPO policy, logon script and Intune, which runs the LsPush agent automatically the moment someone logs in to the domain of the company, enables customers to capture actual user login times. Occassionaly Lansweeper Support may ask you to run an LsPush in order to have a full scan of an Asset or the Lansweeper server.

Use cases for LsPush:

  • accuracy in timestamps for user login times
  • user currently logged into device


To learn more about LsPush, you can visit these pages:

  1. ☝️How to scan Windows computers with LsPush
  2. 📚Differences between LsPush and LsAgent explained


Continue your training with Vulnerability Risk Assessment ▶️


New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now
Version history
Last update:
‎05-24-2023 01:56 PM
Updated by: