The current ConnectSecure Vulnerability Scanner supports TCP-only port scanning for external devices. This limitation was identified when the scanner failed to detect weak cipher configurations on a Cisco Meraki appliance, as IKE/IPsec operates over UDP port 500 rather than TCP.

To improve detection accuracy and coverage, please consider enhancing the External Port Scanner to support both TCP and UDP scanning where feasible. This would allow proper assessment of services that rely on UDP-based protocols and reduce false negatives in cryptographic and configuration checks.