Minimum Scanning Requirements

These are the minimum requirements for the host device or virtual machine that runs the Movere Console.

Console Device System Requirements

Device running the Movere Console:

• Operating System: 64-bit Windows device running Windows Server 2008 or Windows 7 (and above)
  • To check, run the following command in Command Prompt as an administrator: wmic OS get Caption, OSArchitecture, TotalVisibleMemorySize
• .NET Framework:  4.5.2 (and above)
  • To check, run the following command in Command Prompt as an administrator: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\full" /v version
• Memory: 8 GB RAM, +1GB additional RAM per 200 servers to be scanned
• Free space: 500 MB
• User account running the console is domain account
  • To check, run the following command in Command Prompt as an administrator: whoami
• Local admin access for the user account running the Movere console AND local admin access for the user account(s) leveraged for scanning the targeted Windows devices.
  • To check, run the following command in Command Prompt as an administrator: net localgroup administrators
• Device has internet access:
  • To check, run the following command in Command Prompt as an administrator: ping bing.com 

Target Device (to be scanned): 

• Windows 2000 Pro, Windows 2000 Server (and above).

Active Directory & DNS

Device running the Movere Console:  

• Device joined and connected to AD. Device name resolves in DNS.
  • To check, run the following command in Command Prompt as an administrator: wmic computersystem get domain

Target Device (to be scanned):  

• Device name resolves in DNS.

Firewall Rules 

Device running the Movere Console:

• Inbound rules: TCP 80 (or custom port, editable via Movere.Service.exe.config)
• Outbound rules: TCP 389, 3268 (LDAP)
• Port 443 must be opened to the Internet for upload and download
  • To test if port 443 is open:
    • Download the Microsoft PSPING utility from: https://technet.microsoft.com/en-us/sysinternals/psping.aspx.
    • Click the Windows button from the Programs list, then click “Windows System” , then right click “Command Prompt” and “Run as Administrator”.
    • Download and unpack the executable
    • Open a command prompt to the folder you unpacked the executable
    • Type: cd followed by the location of the PSPING utility
    • Type this command: psping InsertURL.movere.io:443 (this can be found under the tenant region, in this article). 

Target Device (to be scanned):

• Inbound rule: TCP 445, 139, 135 + see below for WMI
• Outbound rule: TCP 80 (or custom port, editable in Movere.Service.config file)  
  • NOTE:  If port 80 is unavailable then Movere will incrementally cycle through ports i.e. 81, 82, 83 etc. until an available port is found.
• Windows Management Instrumentation (ASync-In). Actual EXE that needs to be allowed on client is “%systemroot%\system32\wbem\unsecapp.exe”
• Windows Management Instrumentation (WMI-In). Actual EXE that needs to be allowed on client is “%SystemRoot%\system32\svchost.exe”
• .NET 3.5 or higher is installed and available on all devices to be scanned

For more information on the ports utilized by Movere, please see Which Ports Does Movere Use?

The following services should be whitelisted on all target devices:

• Movere.Bot2.Local.exe
• Movere.Bot4.Local.exe
• Movere.Arc4.exe/Movere Arc4
• Movere.Arc2.exe/Movere Arc2
• FrameworkVerifier.exe/ FrameworkVerifier

For a comprehensive list of all URLs and IPs addresses used by Movere, please see Movere URLs and IP Addresses for Whitelisting.