I' m looking at buying a FortiAnalyzer 400B and I' m curious about the performance of the vulnerability scanning module. I' ve tried the function on the newest firmwares on a few FortiGate 60B and C devices when in a test lab and it seemed to be pretty poor. The device discovery was reasonable but any port scanning took ages.
I imagine that the analyzer has more horsepower but I' m wondering if anyone has any real world experience with how long the scans take. We' re looking for it to help with PCI compliance scans (full tcp/udp port scans) on over 100 external IP addresses, but if it takes over an hour per IP, then we may look to another solution.