Challenges with Sensor-Based Scanning

Network Dependency:
Sensor-based scanning requires the target machines to be online and accessible to the network probe. This can lead to failures if:

• Target machines are located on different networks.
• They are connected through a VPN.

Credential Requirements:
For a successful scan, the sensor must have valid credentials to connect to remote hosts. Configuring these credentials can be complex and error-prone.

AzureAD Limitations:
Sensor-based scanning is not feasible for machines joined to AzureAD.

• Microsoft’s authentication methods for AzureAD differ significantly from standard NTLM connections.
• This makes remote scanning impossible in such cases.

Benefits of Agent-Based Scanning

Network Flexibility:
Agent-based scanning eliminates the need for network proximity. Machines can be scanned whether they are online or offline, on-premises, or remote.

No Geographic Restrictions:
Scans are not limited by location, making this method ideal for geographically distributed machines or organizations.

Direct Communication:
The agent communicates directly with the CYRISMA instance. This:

• Removes reliance on network routing or configuration.
• Simplifies the scanning process.
• Improves reliability and accuracy.

Conclusion

Agent-based scanning offers significant advantages in terms of flexibility, reliability, and ease of use, especially in scenarios involving remote or AzureAD-joined machines. While sensor-based scanning may suit limited use cases, agent-based scanning is the more effective solution for most environments.

For assistance in setting up agent-based scanning or further inquiries, feel free to contact CYRISMA Support.