1 of 1 people found this helpful
There is no way to definitely distinguish these. If Discovery cannot login through an IP there is no way to know for sure what is on the IP. nmap can make some educated guesses but they are based on heuristics.
Thanks for the reply, Andrew.
As scanning was explained to me, I thought that when a scan is done the BMC product has the ability to determine what type of device it is scanning and then dynamically use the credentials for that type of device (linux, windows, etc.). Perhaps this is wrong on my part.
The current challenge is with reporting to management how many devices are found with hw/sw details and how many devices are failing to be scanned. If scans pick up ip addresses of vms on an esx host and fail to connect with vmware credentials, then the vms count as failures ("no access"). Perhaps there's a better approach to distinguishing success/failure of scan results. Asking if anyone reports success/failures and if so, how do you filter out "no access" results that are just due to using the wrong credentials.
Scanning will determine what ports are open and then try the credentials which match the IP and open ports.