How to allow beacon network scans in a network with ICMP disabled
When configuring an Action for a Discovery & Inventory Rule (under Discovery & Inventory Rules -> Actions tab), the default behaviour is for MgsIPScan to use a ping-sweep for gathering discovery data through a network scan. For clarity, this setting is pictured below:
However, we acknowledge that some customer environments may have ICMP disabled, which will naturally result in a failure for the ping-sweep.
Please note the following optional registry key that can be created on the beacon server:
Hive: [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ManageSoft Corp\ManageSoft\Discovery\CurrentVersion]
Type: REG_SZ (String)
The default value is -PI, which is not visible in the registry by default. Adding the key with value '-PS' will amend the network scan behaviour from a ping-sweep, to a TCP SYN/ACK scan.
Please take note of the following:
1) Adding this registry key and changing the value will affect ALL rules that utilise a network scan that are being executed from this beacon.
2) The modified TCP SYN/ACK approach will slow down the port scanning process as a result
Further information on the 'DefaultPingSweepOptions' registry key is available at the following link: https://docs.flexera.com/fnms/EN/WebHelp/index.html#reference/FIB-Registry.html