I’m working on my implementation of SUA 2.0 and I wanted to know if installing both the Tivoli Software Inventory Tool and the Common Inventory Technology Scanner was necessary. Per the documentation the CIT finds “complex software signatures”, but I didn’t know if it was just a more thorough version of the basic Inventory Tool or something separate that yields completely different results. Also, would running both scans on our servers cause any adverse effects? Any clarification is appreciated.
SUA 2.0 provides two complementary scanners - Tivoli Software Inventory Tool and the Common Inventory Technology Scanner to get the full software inventory. The high level differences between the former and latter is how the scan is running and where scan results are parsed out and matched against the software titles stored in the software catalog.
The Tivoli Software Inventory Tool runs the raw filesystem scan and collects the file names matching predefined set of file masks to upload into SUA server as the software correlation engine input.
The Common Inventory Technology Scanner is running the raw file system scan and has capability of interrogating other data to correlate against subset of the software catalog distributed to the endpoint. CIT looks both at the file names as well as the file headers or registry data, all of that at the endpoint level.
For the full discovery coverage, one needs to run both scanners, which has a effect of having the endpoint’s file system scanned twice.
Both scanners are returning software inventory data, although using different format. SUA server combines those two data streams, producing the final software inventory.