| Description | This article describes why the vulnerability scan still runs daily despite the defined schedule time in the Endpoint profile configuration. |
| Scope | FortiClient, Vulnerability Scan, FortiClient EMS |
| Solution |
If a specific time is configured in the Endpoints Vulnerability Scan profile schedule, but the scan still runs daily or outside the defined schedule, review the following settings to identify the cause.
In EMS, navigate to the following Endpoint profiles -> Vulnerability Scan, and under the scanning section, ensure the following options are disabled or unchecked:
A common cause for repeated scans is the 'Scan on Vulnerability Signature Update' option.
As the name suggests, when this setting is enabled, FortiClient automatically triggers a vulnerability scan every time the vulnerability signature database is updated. The vulnerability signature database is updated often, daily or even multiple times per day, because new vulnerabilities, exploits, and threats are discovered and added to the database on an ongoing basis.
These frequent updates ensure endpoints are checked for the latest known security issues, but they can cause scans to run much more often than the single scheduled time defined in the EMS profile.
Related documents: |
