The Cisco Secure Scanner maps the network by scanning all IP addresses and port numbers specified in the configuration.

The network discovery tool can accomplish the following:

  • Scan entire networks, subnets, or single hosts.
  • Profile systems.
  • Discover type of system, e.g., router, firewall, workstation, server, hub.

The scanner first pings every valid IP address within a pre-determined range to see which nodes answer. Because of this, you must allow Internet Control Message Protocol (ICMP) from the scanning hosts if doing a scan across a router.