Table of Contents
Advertisement
Tools
1
2
3
4
5
FortiAnalyzer Version 3.0 MR7 Administration Guide
05-30007-0082-20080908
To configure a vulnerability scan job
Go to Tools > Vulnerability Scan > Job.
Select Create New.
Complete the following:
Job Name
Enter a name for the vulnerability scan job. This name will also be
used for the report generated from scan results.
Scan Targets
Enter the IP addresses, or range of addresses, of the device or
hosts you want the FortiAnalyzer to scan, then select Add. The
target host(s) appears in the Scan Targets area.
To remove a target host, select the target host item, then select
Remove.
Select the blue arrow to expand Scan Option.
Complete the following:
Remote
Enable to configure the FortiAnalyzer unit to log in to the target
hosts, then also configure User Name and Password. This User
Authentication
Name and Password will be used to log in to each of the target
hosts.
Some vulnerability scan modules require full access, such as
those that probe for correct file permissions and application
vulnerabilities. If you do not provide administrator or root login,
some vulnerability scan modules may not be able to obtain
complete or accurate results. For more information, see
vulnerability scan modules" on page
User Name
Enter the user name for the target host(s). This option is only
available after selecting Remote Authentication.
Password
Enter the password for the target host(s). This option is only
available after selecting Remote Authentication.
Quick Scan
Select to perform a quick port scan only.
This option checks a list of common ports, and does not scan
every possible port. For a list of ports scanned by this option, see
the Knowledge Center article
Scan
Custom Scan
Select to perform a port scan of ports that you specify in TCP
Ports Range and UDP Ports Range, and also perform the
vulnerability scan modules that you have selected in Modules
Severity.
Modules Severity
Select the severity level of vulnerability scan modules to use with
the vulnerability scan job. For greatest detail, select
>=Information. This option is availably only after selecting Custom
Scan.
For more information about on what the FortiAnalyzer unit scans
at a given severity level, see
on page
Test for reachability
Select to ping each target host before performing tests defined in
the scan modules. If the target host does not respond to the ping,
(Ping) before
the FortiAnalyzer unit will not perform further scans on the
scanning each host
unresponsive host. This can accelerate scans of multiple target
(recommended)
hosts when some of the target hosts are unavailable.
TCP Ports Range
Enter the TCP port numbers, or port ranges, the FortiAnalyzer unit
will port scan. Separate each port number or range of numbers
with a comma. This option is availably only after selecting Custom
Scan.
Remote Vulnerability Scan Quick
ports.
"Viewing vulnerability scan modules"
161.
Configuring vulnerability scan jobs
"Viewing
161.
165
Advertisement
Table of Contents
