Tools, Preparing for the vulnerability scan job – Fortinet FortiAnalyzer 3.0 MR7 User Manual
Page 167
Tools
Preparing for the vulnerability scan job
FortiAnalyzer Version 3.0 MR7 Administration Guide
05-30007-0082-20080908
157
Tools
The Tools menu provides vulnerability scanning as well as viewing the files that
are on your FortiAnalyzer unit. These tools help administrators either when issues
appear or when trying to determine if there are any vulnerabilities on targeted
hosts.
The Vulnerability Scan feature scans for open TCP and/or UDP ports on your
designated target hosts. If you provide Vulnerability Scan with administrative login
credentials for the target hosts, Vulnerability Scan will also log in to audit installed
software for vulnerabilities such as missing patches, incorrect permissions, local
exploits, and buffer overflows. When the vulnerability scan job is complete, the
FortiAnalyzer unit generates a report that describes the discovered security
issues and their known solutions.
Vulnerability Scan includes remote vulnerability scan (RVS) modules suitable for
scanning many types of hosts, including those running Microsoft Windows or Unix
variants such as Linux and Apple Mac OS X, as well as a variety of applications
and services/daemons. For more information about software and vulnerability
checks supported by the scan modules, see
“Viewing vulnerability scan modules”
.
File Explorer provides information about what files are on your FortiAnalyzer unit.
Accessing these files helps administrators when trying to solve an issue with
support’s help. File Explorer does not appear for ADOM users.
This section includes the following topics:
•
Preparing for the vulnerability scan job
•
Viewing vulnerability scan modules
•
Configuring vulnerability scan jobs
•
Viewing vulnerability scan reports
•
Preparing for the vulnerability scan job
For best results, before running a vulnerability scan job, you will want to plan for
the type of scans that you want to perform. You may also need to configure each
target host and any intermediate NAT or security devices to allow the vulnerability
scan to properly reach the target hosts.
For a full scan, using all vulnerability scan modules specified in the vulnerability
scan job, you must configure the vulnerability scan job with administrator or root
login credentials to the target host; without administrator or root login credentials,
the vulnerability scan may be limited to a port scan, or may be unable to
accurately complete certain probes, as modules are limited by the privileges of the
account that you configure in the vulnerability scan job. For example, users
Note: Vulnerability Scan is available on the FortiAnalyzer-100A and B units.