Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
kinmun
New Contributor II

exempt Qualys scanning

As need to do Qualys vulnerability scanning monthly for PCI compliance. 

how do i disable/exempt Qualys Vulnerability scanner from being detected/drop as Intrusion in IPS.

I have already create IP address exemption, but it still drop the packets.

 

6 REPLIES 6
Iescudero
Contributor II

Hi there Kinmun

Did you try to add Qualys.Vulnerability.Scanner in your IPS Sensor and added a different action like monitor it?

 

 

kinmun
New Contributor II

managed to get it solved

 

KenP1314505

HI ALL Specially Kinmun,

 

Good day! I want to know How do you managed to resolve the issue?

 

I am having the same issue but on the FortiAnalyzer, It detects also that qualys is such an IPS attack.

 

Hope for your immediate response.

 

Best Regards,

Kenneth Penafuerte

kinmun
New Contributor II

add this Qualys.Vulnerability.Scanner in your ips sensor.

action set to monitor

KenP1314505

Hi Kinmun,

 

Good day! Thank you for your reply! 

I think the only way to do it is to add into the IPS signature then set action to MONITOR?

 

I currently enabled IPS filters, then no any IPS signatures enabled or configured.

 

Please verify.

 

Best Regards,

canexan

Yes! Exactly what I was looking for.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors