Vulnerability Scan Methods

Vulnerability scan checks the presence of security software on host machines and can install the OfficeScan agent to unprotected host machines.

There are several ways to run vulnerability scan.

Table 1. Vulnerability Scan Methods



Manual vulnerability scan

Administrators can run vulnerability scans on demand.

DHCP scan

Administrators can run vulnerability scans on host machines requesting IP addresses from a DHCP server.

Vulnerability Scanner listens on port 67, which is the DHCP server’s listening port for DHCP requests. If it detects a DHCP request from a host machine, vulnerability scan runs on the machine.


Vulnerability Scanner is unable to detect DHCP requests if you launched it on Windows Server 2008, Windows 7, Windows 8, Windows 8.1, Windows 10, or Windows Server 2012.

Scheduled vulnerability scan

Vulnerability scans automatically run according to the schedule configured by administrators.

After Vulnerability Scanner runs, it displays the status of the OfficeScan agent on the target host machines. The status can be any of the following:

  • Normal: The OfficeScan agent is up and running and is working properly

  • Abnormal: The OfficeScan agent services are not running or the agent does not have real-time protection

  • Not installed: The TMListen service is missing or the OfficeScan agent has not been installed

  • Unreachable: Vulnerability Scanner was unable to establish connection with the host machine and determine the status of the OfficeScan agent