2 Replies Latest reply on Dec 22, 2009 12:39 AM by subhani

    Asset Discovery Scan Optimization


      Hi , Can anyone provide me best Practices for Asset discovery Scan in order to make it faster yet effective .I am running an Asset discovery scan for few IP Ranges (Total hosts become :657,152 ) and the scan did not finish in alloted  8 hours scan window .It was 78 % whereas I am using the default configuration i.e no. of UDP Ports and TCP Ports are quite less . Here are the settings .For Optimize portion ,refer to the attached picture . My preference is to finish this scan is 4-5 hours .what can be done in this regards .


      Hosts Discovery
      ICMP Scanning : Echo Request
      UDP Scanning : Default


      TCP Scanning : Default
      Enable Asset Tagging


      Advanced Options :
      Enable Hostname Resolution
      Enable OS Identification ( Use Credentials if available)
      Randomize order of hosts


      UDP Scanning :Default  ( Also Use Advanced UDP Scanning Technique)
      TCP Scanning : Default


      No. Vuln. CHecks enabled





        • 1. Re: Asset Discovery Scan Optimization



          I have two suggestions to lower the time it takes to complete an asset discovery scan.


          1)  If you trust that your assets are not blocking ICMP, you may want to consider setting both the UDP and TCP Scanning to "None".     This will greatly reduce the time it takes for the asset scan to complete.   Keep in mind that only assets that respond to ICMP will be discovered.


          2)  If your network topology supports it, you may want to lower your Interpacket delay.   I've done asset discovery scans with an interpacket delay of 5 ms and had no issues.


          I’m sorry.  I do not have any best practices for completing an asset discovery scan.


          - Steve



          • 2. Re: Asset Discovery Scan Optimization

            Steve ,


            Thanks for the Suggestions . In my case ,I didn't have to do much .Using the slider provided in Optimize section ,I moved it to faster which increased the batch size to 1024  and no. of sub scans to 8  .Also I turned off the Advanced UDP Scanning and as a result the scan which was 98 % in 8 hours ( A previous such scan took 18 hours)  scan window ,now finished in 6 hours ad 14 minutes .Good thing is that the results are still accurate .