Can someone tell me the difference (pros vs cons) of running a map scan vs a normal vm scan with an option profile of "Light Inventory Scan v.1 (Discovering Profile)"?
The following is based on my experience with Map scans and what has been described and reviewed the the Light Inventory Scan.
Map scans: +Scanning assets does not eat up a license
+Built in Rogue Device Management... based on my experience this has been less than useful as it requires consistent updates in a enterprise DHCP environment because of its IP based tracking. But could be a great way to map servers, who are known to be a static IP in a given DNS range. Always worth the test to see if it will work for you. -Data is not really saved for searching (no QID searching)
-only one scanner per map scan
Light Inventory Scan:
+With a configuration following the article below you can achieve the same functionality of a map scan https://blog.qualys.com/technology/2013/04/30/automate-host-discovery-with-asset-tagging
+Tagging can be used to sort the hosts that are found, if you can create tags well you can mimic the Rogue Device management in a map scan.
+Ability to search, report and script for further probing.
*searching: because you are collecting the listed QIDs you can do Asset Search Reports
*report open ports
*based on the results of the light scan you can script for further probing via authentication.... I would use this OP as an initial OP to see if the host matches your corporate assets up until what you deem satisfactory, then toss an authentication scan at the hosts.
+Can apply more scanners to the scan
+Flexible: if you think you would like to see X QID you can add it, pending auth or no-auth required.
-Each asset scanned could eat up a license, your TAM might have further comment on this.
-Could take more time per host, based on config, authentication, and other variables.
Depending on your business size and licensing it could swing your options one way or the other. Your TAM might be a better resource if your trying to figure out how you want to identify assets on your network. Many factors can play into what could work best for you.
Retrieving data ...