Filter
Top Products
Tools Configuring vulnerability scan jobs
FortiAnalyzer Version 3.0 MR7 Administration Guide
05-30007-0082-20080908 165
To configure a vulnerability scan job
1 Go to Tools > Vulnerability Scan > Job.
2 Select Create New.
3 Complete the following:
4 Select the blue arrow to expand Scan Option.
5 Complete the following:
Job Name Enter a name for the vulnerability scan job. This name will also be
used for the report generated from scan results.
Scan Targets Enter the IP addresses, or range of addresses, of the device or
hosts you want the FortiAnalyzer to scan, then select Add. The
target host(s) appears in the Scan Targets area.
To remove a target host, select the target host item, then select
Remove.
Remote
Authentication
Enable to configure the FortiAnalyzer unit to log in to the target
hosts, then also configure User Name and Password. This User
Name and Password will be used to log in to each of the target
hosts.
Some vulnerability scan modules require full access, such as
those that probe for correct file permissions and application
vulnerabilities. If you do not provide administrator or root login,
some vulnerability scan modules may not be able to obtain
complete or accurate results. For more information, see “Viewing
vulnerability scan modules” on page 161.
User Name Enter the user name for the target host(s). This option is only
available after selecting Remote Authentication.
Password Enter the password for the target host(s). This option is only
available after selecting Remote Authentication.
Quick Scan Select to perform a quick port scan only.
This option checks a list of common ports, and does not scan
every possible port. For a list of ports scanned by this option, see
the Knowledge Center article Remote Vulnerability Scan Quick
Scan ports.
Custom Scan Select to perform a port scan of ports that you specify in TCP
Ports Range and UDP Ports Range, and also perform the
vulnerability scan modules that you have selected in Modules
Severity.
Modules Severity Select the severity level of vulnerability scan modules to use with
the vulnerability scan job. For greatest detail, select
>=Information. This option is availably only after selecting Custom
Scan.
For more information about on what the FortiAnalyzer unit scans
at a given severity level, see “Viewing vulnerability scan modules”
on page 161.
Test for reachability
(Ping) before
scanning each host
(recommended)
Select to ping each target host before performing tests defined in
the scan modules. If the target host does not respond to the ping,
the FortiAnalyzer unit will not perform further scans on the
unresponsive host. This can accelerate scans of multiple target
hosts when some of the target hosts are unavailable.
TCP Ports Range Enter the TCP port numbers, or port ranges, the FortiAnalyzer unit
will port scan. Separate each port number or range of numbers
with a comma. This option is availably only after selecting Custom
Scan.