RSA Version/Condition: 4.1.x and higher versions
Platform: Windows
Product Name: RSA
Product Description: ECAT Agents
How to configure and what are ramifications (if any) when running on a compromised or infected system.
Perform a Scan in Standalone Mode
If the client machine is not connected to a network and cannot communicate with ConsoleServer, a scan in stand-alone.
The mode can be performed.
This type of scan is performed manually on the client machine.
Use ECAT UI to generate a scan configuration file.
To generate the scan configuration file:
- Click Tools > Standalone Scan > Export Scan Configuration.
- (Optional) Select desired parameters.
- You have two options for scanning:
◦ Click Quick Scan or Full Scan under the Default tab of the Request Scan dialog box.
◦ If you wish to customize the categories or parameters for your scan, access the Advanced tab, select the desired options, and click Proceed.
- Enter a password to protect the scan configuration file and click OK.
Note: The password must be between 8 and 32 characters. It should be recorded for reference because it will be used later in the process.
- Navigate to the location where you want to save the file.
- Enter a filename and click Save.
- Transfer the scan configuration file to the client machine. This can be performed with a USB key or any other kind of media.
- Install the agent using the same package that would have been used for a normal agent installation.
Note: If the agent is already deployed, it does not need to be reinstalled. Any agent installation will work.
Once the agent is installed, start the stand-alone scan.
To start a stand-alone scan:
- Open a command prompt on the client machine.
- Locate the client .exe file in the folder C:\windows\system32.
The filename is the one provided in the “ECAT Service Name” field in the ECAT Packager.
- Run the .exe file in the command prompt using the following syntax:
ECAT /password <password> /scanfile <scan config file>
Where:
<password> is the password provided to ECAT UI when generating the scan configuration file.
<scan config file> is the path to the scan configuration file.
Wait until the “Scan completed” message is displayed.
- Transfer the result file back to the machine hosting ECAT UI for the import after the scan is completed.
Note: The file location is displayed in the command prompt.
To import stand-alone scan data:
- Click Tools > Standalone Scan > Import Scan Data.
- Navigate to the location of the scan data file and click Open.
- Enter the same password that was provided earlier in the process.
- The scan has now been queued and will be processed by ConsoleServer
The scan is composed of two files.
The requested file is the configuration information needed to run the scan and the received file contains the results of the scan.
Both files are encrypted.
Contents of the results file are not executable, so they can be imported and processed by ECAT.
Related Articles
Announcing the October 2021 Release of SecurID Number of Views Inserting credentials into RSA DLP Datacenter Agent/Grid scan groups Number of Views Apache vulnerability 'Apache HTTP Server mod_rewrite' from scan Number of Views What files on a workstation with RSA Authentication Agent 7.4.x for Windows may potentially show as false positive from a … Number of Views RSA Authentication Manager 8.2 Multiple OpenSSL Vulnerabilities - False Positive Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x
