Overview

Scanning of some of the remote machines is too slow - both agent and agentless scans from the LanGuard server taking several hours to complete.

Solution

As GFI LanGuard continually increases the number of supported applications to be scanned and the number of patches available for supported applications grows, it inevitably takes longer times to scan, particularly during scans from the console (Interactive and console Scheduled scans).

Although GFI allocates a significant amount of testing time for performance tests to optimize the scan process, the overall scanning speed heavily depends on the environment size and network speed, requirements to be in place, scanning profile being used, and the number of computers scanned at the same time.

Address the scanning speed issues with the help of one or more of the following suggestions:

• Verify that the LanGuard server meets minimum System Requirements for the environment of your size. Pay attention to the SQL Standard Edition database requirement for a large network.
• Apply the Recommended Settings for Best Performance in GFI LanGuard. Be thorough, in some cases, it might be needed to verify the protection engine exclusions in practice by analyzing antivirus logs or monitoring CPU usage during a scan with a Windows Task Manager.
• Schedule your scans to run during periods when network usage is lowest, and the target computers are not actively used.
• Use Agent scans instead of Interactive scans whenever possible.
• Ensure your targets are also meeting the requirements to run agents and schedule agent scans when the target computers are busy.
• Customize Scanning Profile(s) used for scans to disable all checks which are not applicable for your environment or are not of interest:
  1. Port Scanning - this is especially time-consuming.
  2. Vulnerability scanning - if your main emphasis is on patching.
  3. Application scanning - especially the option to enable Full Security Applications Audit for Agentless Scans - LanGuard must deploy approximately 50 files to the target computer to collect this information.
• Split scanning into different scheduled scans at different times using different profiles (ex. Alternate daily scans for Missing Patches and Vulnerability Scans, scan once weekly for installed applications, and once weekly for port scanning). 
• Remove the machines no longer in use from the list of scanning targets and LanGuard console Computer Tree to avoid scanning delays due to timeouts.
• Increase the number of scan threads to 8 for the console scan if your LanGuard server hardware specifications are way above the minimum requirements. This will allow 8 target computers to be scanned simultaneously (we do not recommend going higher than this number). 
• Use relay servers to spread the load and to apply load balancing techniques.

Testing

Once you apply the recommendations, verify the scanning speed improvement. If the issue persists, contact GFI LanGuard Support, gathering and submitting the following:

• Logs from the LanGuard server
• Logs from one affected machine
• Scan results from the same machine

Related Articles

• Recommended Settings for Best Performance in GFI LanGuard
• Recommendations for Performing Scans over a Slow Network Connection