Why is Network Discovery Scan necessary ? I ask this because I’ve already scheduled Vulnerability Scan for RFC 1918 ranges.
Thank you.
For us it is optimization and performance. We first run a discovery scan to see what is out there and tag the found assets, then we run the more intense vulnerability scan on that list of found assets. This saves you from running unnecessary checks.
This is similar to inventory management where you first catalogue all your products, then after you have that catalogue you go back and count how many of each of those products you have. You don’t just start counting before you know what you have to count.
1 Like
I know this is an old thread, but I too wanted to know if the concern for saving from unnecessary checks and an intense scan is low; would a typical vulnerability scan that includes an entire subnet essentially do the same thing as discovery?
Time has changed for me, I now just do one scan across the subnet for both discovery and vuln scanning. We also converted over half of our assets to Agents, so that greatly reduces scan load and we do not run out of resources on our scan engine.