Fortinet 513 FortiWeb 5.0 Patch 6 Administration Guide
See also
•Preparing for the vulnerability scan
•Scheduling web vulnerability scans
•Manually starting & stopping a vulnerability scan
•Viewing vulnerability scan reports
Running vulnerability scansIn order to run a vulnerability scan, you must apply a schedule (if any) to a profile of settings, as
well as providing a few additional details.
A vulnerability scan policy defines the scheduling type of scan (an immediate scan or a
scheduled scan), the profile to use, the file format of the report, and recipients.
To configure a web vulnerability scan policy
1. Configure a vulnerability scan profile. See “Configuring vulnerability scan settings” on
page 508.
2. If the scan will run by a schedule instead of being manually initiated, create a vulnerability
scan schedule. See “Scheduling web vulnerability scans” on page 507.
3. Go to Web Vulnerability Scan > Web Vulnerability Scan > Web Vulnerability Scan Policy.
To access this part of the web UI, your administrator’s account access profile must have
Read and Write permission to items in the Web Vulnerability Scan Configuration category.
For details, see “Permissions” on page 47.
4. Click Create New.
A dialog appears.
Field Description
Status Indicates whether the scan is idle (the status indicator is solid
green) or running (the status indicator is flashing red and yellow).
Start/Stop The Start/Stop icon appears only if the policy is configured as Run
Now. If so, the icon changes depending on the current status of
the scan:
•Stop — The scan associated with the policy is in progress.
•Start — The scan associated with the policy is not in progress.
Status
Start/St op