Current functionality allows a connection (Config > Discovery & Assets > Connections) to limit/expand ports but does not allow the ability to exclude a particular address within the subnet. While that is helpful, the ability to also exclude (or perhaps implicitly specify) one or more IP addresses within the subnet range would be helpful. Consider that some equipment on a particular subnet may respond to the scan in unexpected or undesired ways but other devices reside on the same subnet and need to be scanned. It is not practical to reconfigure the network to separate equipment that should not be scanned for the benefit of a scanning feature that lacks this exclusion.
For example in our environment, we have a few older printers. Some print out 25 pages of garbage every time is it scanned (showing all the various ways the scanner tries to identify it) while other devices have their network stack crash, others trigger security warning since the scanner is trying various methods like SNMP , SSH, etc. Again, yes, one could limit the ports being used but on a typical network it would be impractical to separate the printers that could be canned from those that cannot. Our workaround was to use a scanner on a different subnet and then block the traffic from the scanner to the device at the router, but that is a less than ideal workaround that could have broader implications.
A simple exclude by IP (in addition to the port filters that already exist) would be helpful to stop scanning undesired or unnecessary devices.
