A new Flexera Community experience is coming on November 18th, click here for more information.
This guide will your setup a Group Policy Object that enables you to configure all required intranet requirements for the Network Appliance Agent that can be downloaded as part of SVM 2019.
The Network Appliance Agent requires as almost a dozen intranet requirements that must be met on the system from where it launches simultaneous scans, and on the system being scanned by it.
It is best practice to have the configuration enabled through a separate domain Group Policy Object and then move the GPO to apply only to test hosts first, before enabling it domain-wide next (if necessary).
1. Create New GPO from under 'Group Policy Objects’
2. Expand Computer Configuration/Policies/Windows Settings/Security Settings
Inside 'System Services', set below services to 'Automatic' startup mode:
COM+ System Application
Workstation
Server
Remote Registry
4. Expand Computer Configuration/Policies/Windows Settings/Security Settings/Local Policies/Security Options
Set 'Network Access: Sharing and security model for local accounts" to “Classic”
5. Expand Computer Configuration/Policies/Administrative Templates .../Network/Network Connections/Windows Firewall/Domain Profile
Enable'Windows Firewall: Allow inbound file and printer sharing exception'
In the event that you've tried enabling the settings locally on per-machine basis and you end up seeing SVM Network Appliance Agents failing to perform scans, you might be facing GPO blocking against some of the intranet requirements.
SVM 2019 normally displays error messages that indicate the type of problem:
If it is 'Failed: Access Denied' message it displays = there is probably a GPO blocking that restrict your account permissions to perform the network activities appliance agent performs.
If it is 'Failed: Error Connecting' message it displays = one of the prerequisites is likely to be blocked by GPO overwrite. You should start with looking for the Remote Registry setting first.
If it is 'Failed: No Connection', then it means that the NAA determined that some of the host names or IP addresses being targeted by its configuration do not exist on the network.
Apr 26, 2019 07:09 PM - edited Sep 13, 2019 04:55 PM