https://community.cisco.com/t5/network-security/nmap-scanning-from-fmc/m-p/3023865#M42740 <P>Running Firepower Management Center v6.2.0.2</P> <P>I’m having 2 issues with NMAP and active discovery</P> <P>First issue:&nbsp; Hosts discovered by NMAP are not being added to the network map.&nbsp; Only hosts discovered by passive discovery exist in the network map.&nbsp; Is there a way to have hosts discovered by NMAP added to the network map?</P> <P>Second issue:&nbsp; NMAP is not correctly identifying the OS on some hosts.&nbsp; There are a number of windows 7 machines which are being incorrectly identified by NMAP as Server 2008 with 100% confidence.&nbsp; Is there a way to tune the NMAP to properly identify the OS on those hosts?&nbsp; If not is there a way to bulk update the OS on those hosts in FMC?</P> <P>&nbsp;</P> <P>Thanks</P> Sun, 10 Mar 2019 13:52:12 GMT pcnudde01 2019-03-10T13:52:12Z https://community.cisco.com/t5/network-security/nmap-scanning-from-fmc/m-p/3023865#M42740 <P>Running Firepower Management Center v6.2.0.2</P> <P>I’m having 2 issues with NMAP and active discovery</P> <P>First issue:&nbsp; Hosts discovered by NMAP are not being added to the network map.&nbsp; Only hosts discovered by passive discovery exist in the network map.&nbsp; Is there a way to have hosts discovered by NMAP added to the network map?</P> <P>Second issue:&nbsp; NMAP is not correctly identifying the OS on some hosts.&nbsp; There are a number of windows 7 machines which are being incorrectly identified by NMAP as Server 2008 with 100% confidence.&nbsp; Is there a way to tune the NMAP to properly identify the OS on those hosts?&nbsp; If not is there a way to bulk update the OS on those hosts in FMC?</P> <P>&nbsp;</P> <P>Thanks</P> Sun, 10 Mar 2019 13:52:12 GMT https://community.cisco.com/t5/network-security/nmap-scanning-from-fmc/m-p/3023865#M42740 pcnudde01 2019-03-10T13:52:12Z https://community.cisco.com/t5/network-security/nmap-scanning-from-fmc/m-p/3023866#M42741 <P>Hi <SPAN><A href="https://supportforums.cisco.com/users/pcnudde01">pcnudde01</A></SPAN>&nbsp;&nbsp;</P> <P>1. Did you configure the network for the NMAP scanned hosts in the "Network Discovery" policy?</P> <P>2. No way of tuning NMAP. I guess that it is possible using the API to bulk update the OS on hosts, but I have not seen anything like that, yet.&nbsp;</P> <P></P> Fri, 30 Jun 2017 19:45:54 GMT https://community.cisco.com/t5/network-security/nmap-scanning-from-fmc/m-p/3023866#M42741 Dennis Perto 2017-06-30T19:45:54Z https://community.cisco.com/t5/network-security/nmap-scanning-from-fmc/m-p/3023867#M42743 <BLOCKQUOTE> <P><SPAN>Did you configure the network for the NMAP scanned hosts in the "Network Discovery" policy?</SPAN></P> </BLOCKQUOTE> <P><SPAN></SPAN></P> <P>If you mean under Policies | Network Discovery | Advanced | OS and Server Identity Sources did I add an NMAP scanner then yes. &nbsp;There is no other place to configure NMAP scanning for network discovery policies.</P> Wed, 12 Jul 2017 17:00:41 GMT https://community.cisco.com/t5/network-security/nmap-scanning-from-fmc/m-p/3023867#M42743 pcnudde01 2017-07-12T17:00:41Z https://community.cisco.com/t5/network-security/nmap-scanning-from-fmc/m-p/3023868#M42744 <P>I now see that it is not possible.</P> <P>"<SPAN>A host must exist in the network map before Nmap can append its results to the host profile."</SPAN></P> <P><SPAN>Source: <A href="http://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Host_Identity_Sources.html#ID-2219-0000055a">http://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Host_Identity_Sources.html#ID-2219-0000055a</A></SPAN></P> Wed, 12 Jul 2017 19:47:28 GMT https://community.cisco.com/t5/network-security/nmap-scanning-from-fmc/m-p/3023868#M42744 Dennis Perto 2017-07-12T19:47:28Z https://community.cisco.com/t5/network-security/nmap-scanning-from-fmc/m-p/3023869#M42745 <P>That's what I figured, thanks. &nbsp;So Cisco touting NMAP as active network discovery is misleading then since NMAP won't actually add hosts it finds to the network map. &nbsp;Seems like this would be an obvious thing to want to do and fairly simple to implement. &nbsp;Maybe I will put in a feature request.</P> <P>Thanks for the info.</P> Thu, 13 Jul 2017 13:08:11 GMT https://community.cisco.com/t5/network-security/nmap-scanning-from-fmc/m-p/3023869#M42745 pcnudde01 2017-07-13T13:08:11Z