The DSEA agent only runs on the local machine and does not remotely run on other machines across the network. So, in order to collect vulnerability data from every machine the agent must be run on that machine. In large organizations, system administrators may elect to have the DSEA agent run from a network login script in order to avoid visiting every machine on the network. If the DSEA agent is not run on a particular machine the aggregate data will still be valid for those machines on which the agent was run. In large organizations a representative sample of the machines is often sufficient to measure the relative security level of the organization.