Tools

Viewing vulnerability scan reports

Email server

Select which email server to use when the FortiAnalyzer unit

 

sends reports as an email.

 

This option becomes available only if at least one option in Email

 

output is enabled.

 

To define a new email server, see “Configuring alerts by email

 

server” on page 135.

Email to

Enter the email addresses of the recipients of the report. Add

 

multiple recipients by pressing the Enter key after each email

 

address. The addresses appear in Email list.

 

This option becomes available only if at least one option in Email

 

output is enabled.

Email list

Displays email addresses added to the recipient list through the

 

Email to field.

 

This option becomes available only if at least one option in Email

 

output is enabled.

10Select OK.

Viewing vulnerability scan reports

The Report tab in Tools > Vulnerability Scan displays a list of the finished vulnerability scan reports.

Vulnerability scan reports reflect the results of the vulnerability scan job, and include both summaries and detailed module test results for each target host. If the vulnerability scan job detected a vulnerability on the target host, the vulnerability scan report includes additional information about the vulnerability and potential solutions, such as patches supplied by the vendor or other mitigation techniques. Detected vulnerabilities sometimes may include false positives or false negatives if there are obstacles that prevent a thorough or accurate vulnerability scan, or if you have introduced obfuscation techniques that prevent accurate fingerprinting of the software installed on the target host, such as intentionally masking the version number or type of installed software. Vulnerability scan results will be most accurate with proper preparation before the vulnerability scan job. For more information, see “Preparing for the vulnerability scan job” on page 157.

Vulnerability scan job reports will not appear in the list of vulnerability scan job reports before the vulnerability scan job is completed. See “Configuring vulnerability scan jobs” on page 162 to display a list of vulnerability scan jobs that are still pending or in progress.

Figure 4: Vulnerability Scan reports

 

Delete

 

 

 

 

Delete

Select the check box of each vulnerability scan report that you

 

want to delete, then select Delete.

Job Name

Select to view the vulnerability scan report in an HTML file format.

Start Time

The time the FortiAnalyzer unit started the vulnerability scan job.

FortiAnalyzer Version 3.0 MR7 Administration Guide

 

05-30007-0082-20080908

167

Page 177
Image 177
Fortinet 3.0 MR7 manual Viewing vulnerability scan reports, 167