In my world network scanning is a big no-no, so almost any network management solution that touts its ability 'to scan your network' gets demerits.
Anyhow, Let us consider how we might use events observed on the network to populate the IPAM data with a high degree of certainty with minimal polling. Here are some good sources of information easily obtained to populate IPAM
a) UDT -- this is already performing the same function as 'neighbor scanning' (polling the ARP tables.)
b) NTA -- includes the source and destination IP addresses of data flows through the network; easy way to spot new hosts sending data to the Internet. Well it would be if the ipaddress fields actually contained ipaddresses or ipaddressguids to match the IPAM tables
c) NPM:
i. syslog data from your ISC-DHCP server includes the IP address and MAC addresses in use on your network. if you make use of NAT, then dumping the NAT translation information is also another source of data; even without the DHCP log information over 13,000 of my IPv4 address space is mentioned in syslog messages from network devices.
ii. trap data might also include information about IP addresses in use on your network. (~4000 ip addresses in trapvarbinds)
iii. Wireless client data includes their IP address
d) NCM -- also provides ARP and routing table inventories.
/RjL