Software Vulnerability Manager allows scanning of target hosts using the following approaches:

Single Host Agent-based scans are conducted by the Software Vulnerability Manager Agent that can be installed in different modes: Single Host mode, Network Appliance mode, or Command Line mode.
Alternatively, you can scan the target hosts by launching a scan from the system where the Software Vulnerability Manager console is running. By using this approach, no software is installed in the target hosts. The scanning is performed using standard operating system services. This scan is also referred to as a “remote scan”.

The various types of scan are listed and shown below:

Agent-based Scan – Requirements for Windows
Agent-based Scan – Requirements for macOS
Agent-based Scan – Requirements for Red Hat Enterprise Linux (RHEL)
Remote/Agent-less Scan – Requirements (Windows)
Remote Scanning Via Software Vulnerability Manager (Agent-less Scan)
System Center Inventory Import
Remote Scanning Via Agents
Scanning Via Local Agents
Run Scan from System Center Configuration Manager (SCCM)
Scanning macOS
Scanning Red Hat Enterprise Linux (RHEL)
Filter Scan Results
Completed Scans
Inventory Assessment

Below is a visual overview of the Software Vulnerability Manager scanning options:

Note:If the WSUS Self-Signed Certificate will be used to sign the update packages created by Software Vulnerability Manager, you can use a different certificate as an alternative.

Important:Administrators must ensure that Software Vulnerability Manager, and its scanning Agent respectively, have access to all necessary system and online resources which allow the application to run as intended. The following addresses should be allowed in the Firewall/Proxy configuration to ensure that the client system is allowed access to these online resources:,, http://*, and https://*