Tenable Research Release Highlight

Ping-Only Discovery Scan

Summary

In response to customer feature requests for a lightweight, minimally intrusive host discovery scan, Tenable is providing a new Ping-Only Discovery scan template. The Ping-Only Discovery scan will provide scalpel-like tailoring of user specified protocols enabling fast discovery scans with minimal network traffic to scan targets. 

Change

Ping-Only Discovery is a scan template similar to Host Discovery but with fewer checks and fewer packets sent on the wire. The Ping-Only Discovery scan will attempt to discover hosts with minimal network traffic. It sends ICMP pings by default and can be configured to attempt a TCP ping on the Discovery tab. A UDP ping can be configured, also, but will cause the scan time and packets sent to increase. The scan will not resolve FQDNs, will not run OS fingerprinting, and will not attempt to avoid Fragile Devices.

Impact

In an effort to minimize network traffic and discovery time, the scan will not attempt to identify fragile devices (printers, OT devices, etc) and will therefore send pings to any device in the Targets list. The simplest version, just sending an ICMP ping, shouldn’t cause any issues here, but be cautious if you know you are scanning these device types and you configure the ICMP plus TCP ping options for this scan. Discovery scans using this Ping-Only Discovery template will run 2 to 5 seconds faster per host on average. Protocols can be custom tailored to meet specific customer requirements in their environments.  

Target Release Date

This feature will be released in TVM and Nessus on February 25, 2025. The feature release date for Tenable Security Center is TBD.