Movere will attempt to send all inventory and ARC payloads directly to the cloud from the endpoint by default. This is enabled on the Upload to Cloud tab in the Console by entering credentials for an active customer tenant user with the Write permission, which will authenticate the user to the cloud and download a token.txt file:
The primary benefit of this method is the ability to run unattended scans – start a scan and walk away. Once the scan concludes, the results will be processed and presented through the Movere website within minutes. A secondary benefit is being able to scan an environment without having to change firewall or port settings.
In order to upload directly to the cloud from the endpoints, the endpoints must be able to connect to the cloud over port 443 and have TLS 1.2 enabled. If the endpoint cannot reach the cloud over port 443 or the scan is configured to route all payloads back to the Console, (see below), Movere will still attempt to reach the cloud three times. Once all three attempts fail, Movere will attempt to send the payload back to the Console over port 443 internally.
NOTE: Movere will attempt uploading directly to the cloud from the endpoint first, and then will attempt uploading back through the Console. This is the default upload behavior of Movere and does not require any configurations or modifications. If the endpoints can access the internet over port 443, Movere will upload payloads directly to the cloud. If internet access is blocked or otherwise unavailable on the endpoints, Movere will attempt to upload back through the Console.