Technical Tip: How to configure application exclusions for vulnerability compliance tags

Description

This procedure details how to exclude vulnerabilities detected on the endpoint for Security Posture TAGs detection.

Scope

 FortiClient EMS.

Solution

1. To exclude certain applications from the Security Posture Tags check, access EMS, and edit the 'Vulnerability Scan' profile.

2. Locate the 'Exclusions' section:

3. Enable the 'Exclude Selected Applications from Vulnerability Compliance Check' option:

4. Select the applications to be excluded:
   
   

   

   
   

5. Next, check the rule configuration for TAG detection.

6. In this example, the configuration ensures that only computers without 'High or Higher' vulnerabilities receive the TAG:
   
   

   

   
   

7. As demonstrated below, some applications present a 'High' severity level, but the following exclusions were created so that the computer can receive the TAG:
   
   

   

   
   

8. Thus, even with the detection of vulnerabilities, the computer continues to receive the 'Compliance' tag:
   
   

   

   
   

The following example demonstrates that without the exclusion configuration, the 'Compliance' tag is not detected: