Cybersecurity Forum


DaviHay-
New Contributor

FortiClient 6.XXX

Is there a way to disable the vulnerability scanner in FortiClient 6.xx?
Also, what happens with what it finds? Does it automatically update/remediate or just notify? The reason I ask is that most of the time computers are managed by another application, and we have an update schedule.

------------------------------
David Hay-Currie
Network Engineer
DehcTech
Newark, DE

------------------------------
DaviHay-
New Contributor

I just figured out that to change some of the applications I can unlock from the lower left side; however, Vulnerability doesn't have configurable settings.
I don't have anything that needs updating, but I am still wondering.
preznik_FTNT
Staff

Hi David,

You can control Vulnerability Scan settings via XML for a standalone client, or via FortiClient EMS for a managed one.
Please check the XML Guide: Fortinet Docs Library - FortiClient 6.0.2 XML Reference

Thank you,

Paul
DaviHay-

Thanks Paul.
So, I exported the settings, and that showed me how it is set up.

<vulnerability_scan>
  <enabled>1</enabled>
  <scan_on_registration>0</scan_on_registration>
  <scan_on_signature_update>1</scan_on_signature_update>
  <windows_update>1</windows_update>
  <proxy_enabled>0</proxy_enabled>
  <automatic_maintenance>
    <scan_on_maintenance>0</scan_on_maintenance>
    <maintenance_period>0</maintenance_period>
    <maintenance_deadline>0</maintenance_deadline>
  </automatic_maintenance>
  <auto_patch />
  <scheduled_scans />
</vulnerability_scan>

This means that although it is enabled, it won't run a scan by default, and even if it runs, there is no remediation, just information.
However, it will run when there is a signature update.
This actually helps me a lot.
I just tested it, though, and it enables display of vulnerability scan and the vulnerability scan button when the client is restarted (either by fully exiting the application or restarting the computer).

------------------------------
David
Network Engineer
------------------------------
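
The reading of the exported settings given in the last reply can be automated when many standalone clients need checking. The script below is an added example, not code from the thread or from Fortinet; it uses only the element names shown in the export above, and it assumes that `1` means a setting is on and that an empty `<auto_patch />` or `<scheduled_scans />` means nothing is configured there, as the poster reads it. The function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the <vulnerability_scan> block quoted in the thread.
SAMPLE = """<vulnerability_scan>
  <enabled>1</enabled>
  <scan_on_registration>0</scan_on_registration>
  <scan_on_signature_update>1</scan_on_signature_update>
  <windows_update>1</windows_update>
  <proxy_enabled>0</proxy_enabled>
  <automatic_maintenance>
    <scan_on_maintenance>0</scan_on_maintenance>
    <maintenance_period>0</maintenance_period>
    <maintenance_deadline>0</maintenance_deadline>
  </automatic_maintenance>
  <auto_patch />
  <scheduled_scans />
</vulnerability_scan>"""

def _flag(node, path):
    """True when the element exists and its text is exactly '1' (assumed 'on')."""
    el = node.find(path)
    return el is not None and (el.text or "").strip() == "1"

def _populated(node, name):
    """True when the element has child elements or non-blank text."""
    el = node.find(name)
    return el is not None and (len(el) > 0 or bool((el.text or "").strip()))

def summarize(xml_text):
    """Report scan triggers and remediation state from an exported config."""
    root = ET.fromstring(xml_text)
    # Accept either the bare section or a full export that contains it.
    vs = root if root.tag == "vulnerability_scan" else root.find(".//vulnerability_scan")
    if vs is None:
        raise ValueError("no <vulnerability_scan> section found")
    triggers = [t for t in ("scan_on_registration", "scan_on_signature_update")
                if _flag(vs, t)]
    if _flag(vs, "automatic_maintenance/scan_on_maintenance"):
        triggers.append("scan_on_maintenance")
    if _populated(vs, "scheduled_scans"):
        triggers.append("scheduled_scans")
    enabled = _flag(vs, "enabled")
    return {"enabled": enabled,
            "active_triggers": triggers if enabled else [],
            "auto_patch_configured": _populated(vs, "auto_patch"),
            "windows_update": _flag(vs, "windows_update")}

if __name__ == "__main__":
    for key, value in summarize(SAMPLE).items():
        print(f"{key}: {value}")
```

For the export in the thread this reports one active trigger, `scan_on_signature_update`, and no auto-patch configuration, which matches the poster's conclusion.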