The Alert Logic appliance is used to perform internal scans on your environment. When conditions - such as hardened systems or low bandwidth networks - prevent network scanning from an appliance in your environment, you can run only agent-based scans for those hosts. A scan appliance for an Essentials-only deployment is not required since agent-based scans run from an Alert Logic agent for Windows or Linux on a host. Alert Logic scans your host using a locally installed program to identify vulnerabilities and missing patches.
To enable agent-based scanning, follow these steps in the Alert Logic console - (navigation menu) > Configure > Deployments > choose a deployment > Agent-Based Scanning > Enable agent-based scanning.
In addition to enabling agent-based scanning, you will need to perform the following actions to support scanning without an appliance in an Essentials-only deployment:
- Configure AWS deployments in Manual Mode
- Disable all internal health network scan schedules for the deployment
- Dispose of health remediations related to the appliance
For additional details on agent-based scanning, see these support resources:
- Does Alert Logic combine results from internal network and agent-based vulnerability scans?
- Will Alert Logic run all network checks against a host with agent-based scanning enabled?
- What is the difference between agent-based scanning, and authenticated and unauthenticated scanning?
- Agent-Based Scanning
- Manage Scan Schedules
- Get Started with Alert Logic Scans
- About Alert Logic Scans
- AWS Deployment Configuration - Automatic Mode (Essentials)
- AWS Deployment Configuration - Manual Mode (Essentials
- Microsoft Azure Deployment Configuration (Essentials)
- Data Center Deployment Configuration (Essentials)
- Data Center Deployment Configuration - Google Cloud Platform (Essentials)