Showing results for 
Search instead for 
Did you mean: 

Asset Discovery Scan Optimization

Hi , Can anyone provide me best Practices for Asset discovery Scan in order to make it faster yet effective .I am running an Asset discovery scan for few IP Ranges (Total hosts become :657,152 ) and the scan did not finish in alloted  8 hours scan window .It was 78 % whereas I am using the default configuration i.e no. of UDP Ports and TCP Ports are quite less . Here are the settings .For Optimize portion ,refer to the attached picture . My preference is to finish this scan is 4-5 hours .what can be done in this regards .

Hosts Discovery
ICMP Scanning : Echo Request
UDP Scanning : Default

TCP Scanning : Default
Enable Asset Tagging

Advanced Options :
Enable Hostname Resolution
Enable OS Identification ( Use Credentials if available)
Randomize order of hosts

UDP Scanning :Default  ( Also Use Advanced UDP Scanning Technique)
TCP Scanning : Default

No. Vuln. CHecks enabled

2 Replies

Re: Asset Discovery Scan Optimization


I have two suggestions to lower the time it takes to complete an asset discovery scan.

1)  If you trust that your assets are not blocking ICMP, you may want to consider setting both the UDP and TCP Scanning to "None".     This will greatly reduce the time it takes for the asset scan to complete.   Keep in mind that only assets that respond to ICMP will be discovered.

2)  If your network topology supports it, you may want to lower your Interpacket delay.   I've done asset discovery scans with an interpacket delay of 5 ms and had no issues.

I’m sorry.  I do not have any best practices for completing an asset discovery scan.

- Steve

Re: Asset Discovery Scan Optimization

Steve ,

Thanks for the Suggestions . In my case ,I didn't have to do much .Using the slider provided in Optimize section ,I moved it to faster which increased the batch size to 1024  and no. of sub scans to 8  .Also I turned off the Advanced UDP Scanning and as a result the scan which was 98 % in 8 hours ( A previous such scan took 18 hours)  scan window ,now finished in 6 hours ad 14 minutes .Good thing is that the results are still accurate .

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator