Fortinet FortiAnalyzer 3.0 MR7 User Manual

Page 174

Advertising
background image

FortiAnalyzer Version 3.0 MR7 Administration Guide

164

05-30007-0082-20080908

Configuring vulnerability scan jobs

Tools

Configuring a custom scan allows you to provide the user name and password of
an administrator or root account for modules that require full access, and to
specify the severity threshold of vulnerabilities for which you want to scan, giving
you greater control over which modules will be used to probe the target host. By
providing login credentials and a low severity threshold, you can perform a full
scan, using all available modules. For more information about viewing the
modules associated with a given severity, see

“Viewing vulnerability scan

modules” on page 161

.

Even if a user name and password are not specified in the vulnerability scan job,
vulnerability scans always attempts to log in to Windows target hosts with the
following combinations:

• Administrator without a password
• Administrator with a password of “Administrator”
• Guest with a random password to test for the presence of Guest accounts
• No user name or password to test Null sessions

This allows you to scan for vulnerabilities associated with weak or default user
account security policies without providing an administrator login or performing
many of the other Windows-related vulnerability scan modules.

To view current or scheduled vulnerability scan jobs, go to Tools >
Vulnerability Scan > Job.

Figure 3: Vulnerability Scan jobs

Create New

Select to add a vulnerability job to the queue.

Delete

Select the check box of each vulnerability scan job that you want

to delete, then select Delete.

Job Name

The name of the vulnerability scan job.

Target

The IP address(es) of the host(s) that the FortiAnalyzer unit will

scan.

Status

The activity status of the vulnerability scan job in the queue. This

can include the current activity, such as running or preparing to

start, or it can be the date and time that the vulnerability scan job

will run in the future. When completed, vulnerability scan job

results appear in the list of vulnerability scan reports. For more

information, see

“Viewing vulnerability scan reports” on page 166

.

Action

Select the Delete icon to remove the vulnerability scan job from

the list.
Select Edit to modify the vulnerability scan job. You cannot modify

a vulnerability scan job if it is currently running.
Select Run now to initiate the vulnerability scan job.
Select Stop job to cancel a vulnerability scan job if it is currently

running.

Delete

Edit

Run now

Stop job

Advertising
See also other documents in the category Fortinet Hardware: