Scanning managed computers now

Applies To: Forefront Client Security

You can use the dashboard to start an on-demand scan. On-demand scans:

  • Can be of all managed computers or of a single, specific managed computer.

  • Can be a quick scan or a full scan.

  • Always include an SSA scan.

  • Always include checks for definition updates prior to the scan.


Before you begin an on-demand scan, especially of all managed computers, consider that scanning can use significant system resources. If the scan can be run when computer usage is low, it is recommended that you run the scan at such a time; however, if you are performing the scan in response to a "Malware Outbreak" alert or other strong evidence of widespread propagation of malware in your organization, the effect on the performance of client computers is likely to be worth the opportunity to stop the outbreak.

Managed computers are those that meet all of the following criteria. Managed computers:

  • Have the Client Security agent installed.

  • Have the MOM agent installed.

  • Have reported to the MOM server and provided the information required for MOM to determine that the computer has the Client Security agent.

  • Are on the approved list in the MOM Administrator console.

  • Belong either to the Active Directory domain that contains the Client Security management server or to an Active Directory┬« directory service domain that has a two-way trust with the domain containing the Client Security management server.

When a computer is shut down or cannot be contacted for other reasons (such as a portable computer that is currently not connected to your network), it receives the instruction to begin an on-demand scan when it reconnects to the network. If more than one instruction to perform an on-demand scan is given, MOM queues only one of those instructions for each unavailable computer.


To start a scan of managed computers

  1. On the Dashboard tab, click the Scan Now button. The Scan Now dialog box appears.

  2. To select the computers to scan, do one of the following:

    1. If you want to scan every computer that Client Security manages, select Scan all managed computers.

    2. If you want to scan a single computer, select Scan a specific computer, and then enter the name of that computer in the Name box.


      You cannot specify the computer by IP address. You must use the computer name.

  3. Select the type of scan you want to perform: Quick scan or Full scan.

  4. Click the Scan Now button. If you are scanning all managed computers, a confirmation message appears. Click Yes to start scanning all managed computers.

  5. For the next few hours, refresh the dashboard periodically to check for issues discovered by the scan.


    The dashboard does not display data specific to the progress of the scan. To check the progress of the scan on a particular computer, use the Computer Detail report. For more information, see Viewing and printing reports.