Authentication on Windows: best practices

When scanning Windows assets, we recommend that you use domain or local administrator accounts in order to get the most accurate assessment. Administrator accounts have the right level of access, including registry permissions, file-system permissions, and either the ability to connect remotely using Common Internet File System (CIFS) or Windows Management Instrumentation (WMI) read permissions. In general, the higher the level of permissions for the account used for scanning, the more exhaustive the results will be. If you do not have access, or want to limit the use of domain or local administrator accounts within the application, then you can use an account that has the following permissions:

Note:   If you are not using administrator permissions then you will not be granted access to administrator shares and non-administrative shares will need to be created for read access to the file system for those shares.

InsightVM and the network environment should also be configured in the following ways:

Note:   Port 445 is preferred as it is more efficient and will continue to function when a name conflict exists on the Windows network.

If your organization’s policies restrict or prevent any of the listed configuration methods, or if you are not getting the results you expect, contact Technical Support.