This Article Applies to:
- Business Hub
Network discovery in the Business Hub enables you to scan your network so you know what devices are connected to it. This involves two main steps:
- Configuring scan settings
- Scanning network for devices
To access these settings, click the Network Discovery tab on the Devices page. Then click Set up your first scan.
Adding Scanning Agent
The Scanning Agent is responsible for scanning for devices on your network and, if desired, remotely distributing Avast services to those devices. It functions more or less the same as the Local Update Server (see Setting Up Update Agents and Local Update Servers).
Only Windows devices can become Scanning Agents.
- Click + Add Scanning Agent
- Select the checkbox of the device you would like to promote to scanning agent
- Click Add Scanning Agent
Once a Scanning Agent has been added, it will appear in the Devices scanning your networks section of the settings.
Scanning Agent can only be enabled for devices running Antivirus agent version 4.31 or higher.
Scanning Agents have access to your entire network and can remotely access devices. For security, we recommend the following:
- use only 1 Scanning Agent per network
- ensure your Scanning Agent is a trusted, non-roaming device with secure access (such as a server)
- use a device your network administrator has full control over
- if necessary, add exceptions in your network for the scanning agent to avoid triggering network security measures
There are two available methods for scanning your network.
Network scan: this option scan all devices connected to your network. The device detection process uses Address Resolution Protocol (ARP) to ping all IP addresses within the subnet in order to get their MAC address. This process can take up to 15 minutes, possibly longer depending on the network. If a response is received with a MAC address, a reverse DNS lookup occurs to get the host name for the IP.
Active Directory scan: this option scans all devices that are part of your Active Directory domain by fetching the AD database.
Use the toggles to select which scan method(s) you would like to use. If you choose Active Directory scan, ensure you enter the domain name and your AD credentials (user name and password).
- only scan your private networks
- ensure your scanning agent is a trusted, non-roaming, and protected device (such as a server), and configure exceptions for it if needed
- provide adequate time for the scan to complete — a larger network will take longer to scan
If you would like to remove devices from the list of found devices that are not managed or cannot be managed by the Hub, you can choose to have them automatically deleted if they have not been seen in the past 30 days. Use the toggle beside Auto-removal of old devices to turn this on or off.
Scanning your network for devices
Once you have configured your Network scan settings, click Scan network to save your selections and begin the scan.
When the scan is complete, you will be able to see all found devices in a list, which includes the device's name, IP address, Active Directory Group (if applicable), what scanning agent detected it, when it was last detected, and its status.
Unmanaged: the device is not managed by the Hub and meets System Requirements
Installation queue: Avast services are waiting to be installed
Installing Avast: Avast services are being installed on the device
Installation failed: Avast services could not be installed due to an error (such as credentials or offline device)
Unmanageable: the device is not managed by the Hub but does not meet System Requirements
Offline: the device could not be reached or is offline
Managed by Avast: the device is already managed by the Hub
Remote Deployment becomes available once you have installed Avast services on at least one device in your network. You can see whether or not you have managed devices on the Devices page of the Hub. See Adding Devices to Your Network for more details on adding devices manually.
Remotely installing Avast services on devices
Once a network scan has been completed and you have located Unmanaged devices on the Network Discovery tab, you can remotely install Avast services.
For devices that are not connected to Active Directory, you will need to disable remote UAC (User Account Control). Open RegEdit, navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, and add or edit the item "
DWORD LocalAccountTokenFilterPolicy" and set to 1.
- Click the checkbox(es) for the device(s) you would like to manage in the Hub
- Click Install security services
- Choose installation settings:
- Select which services to install using the drop-down menus and the toggles
- Select which group and policy to use
- Enter local admin credentials for remote access to the device
- Without these credentials, remote deployment will fail. Ensure the correct username and password have been entered.
- Select whether to automatically remove conflicting Antivirus products from the device
- Click Install the package remotely
Remote deployment may take some time, depending on the number of devices you are adding, the services you chose, and the speed of your network. Ensure the device is online until the installation finishes. Successfully installed devices will appear on the Managed devices tab.
Other Articles In This Section: