Vulnerability Scan

FortiClient includes a Vulnerability Scan module to check your workstation for known system vulnerabilities. You can scan on-demand or on a scheduled basis. This feature is disabled by default and the tab is hidden for standalone clients. For users who are registered to a FortiGate using endpoint control, the FortiGate administrator may choose to enable this feature. Vulnerability Scan is enabled via the FortiGate Command Line Interface (CLI) only. Once enabled, the Endpoint Vulnerability Scan on Client setting is available in the FortiClient Profile.

Enable vulnerability scan

This section describes how to enable Vulnerability Scan in the FortiClient Profile via the FortiGate CLI and configuration options.

  1. Enable Vulnerability Scan in the FortiClient Profile:
  2. Log in to your FortiGate CLI.
  3. Enter the following CLI commands:

         config endpoint-control profile
             edit <profile-name>
                 config forticlient-winmac-settings
                     set forticlient-vuln-scan enable
                     set forticlient-vuln-scan-schedule {daily | weekly | monthly}
                     set forticlient-vuln-scan-on-registration {enable | disable}
                     set forticlient-ui-options {av | wf | af | vpn | vs}
                 end
         end

<profile-name>
    Enter the name of the FortiClient Profile.
forticlient-vuln-scan {enable | disable}
    Enable or disable the Vulnerability Scan module.
forticlient-vuln-scan-schedule {daily | weekly | monthly}
    Configure a daily, weekly, or monthly vulnerability scan on the client workstation.
forticlient-vuln-scan-on-registration {enable | disable}
    Enable or disable vulnerability scan on client registration to FortiGate.
forticlient-ui-options {av | wf | af | vpn | vs}
    Set the FortiClient components that will be available to the client upon registration with FortiGate.
      av: Antivirus
      wf: Web Filter
      af: Application Firewall
      vpn: Remote Access
      vs: Vulnerability Scan

  4. The FortiGate will send the FortiClient Profile configuration update to registered clients. The Vulnerability Scan tab is now accessible in FortiClient.
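
An added example, not part of the original guide and not Fortinet code: a short Python audit that reads saved FortiGate CLI text and reports FortiClient Profiles where the settings above leave Vulnerability Scan disabled, hidden from the client UI, or without an explicit schedule. The profile names, the `next` separators, and listing several `forticlient-ui-options` values on one line are assumptions made for the constructed sample.

```python
# Constructed sample config; profile names, `next` separators and the
# multi-value ui-options line are assumptions, not taken from the guide.
SAMPLE_CONFIG = '''\
config endpoint-control profile
    edit "corp-laptops"
        config forticlient-winmac-settings
            set forticlient-vuln-scan enable
            set forticlient-vuln-scan-schedule weekly
            set forticlient-ui-options av wf vpn vs
        end
    next
    edit "kiosks"
        config forticlient-winmac-settings
            set forticlient-vuln-scan disable
            set forticlient-ui-options av wf
        end
    next
end
'''
BLOCK = "forticlient-winmac-settings"

def parse_profiles(text):
    """Return {profile: {setting: [values]}} for each profile's BLOCK section."""
    profiles, current, stack = {}, None, []
    for words in (line.split() for line in text.splitlines()):
        # Ignore blank lines and anything outside the profile block.
        if not words or (not stack and words[0] != "config"):
            continue
        if words[0] == "config":
            if stack or words[1:] == ["endpoint-control", "profile"]:
                stack.append(" ".join(words[1:]))
        elif words[0] == "end":
            stack.pop()
        elif words[0] == "edit" and len(stack) == 1:
            current = profiles.setdefault(" ".join(words[1:]).strip('"'), {})
        elif words[0] == "set" and len(words) > 2 and stack[-1] == BLOCK and current is not None:
            current[words[1]] = [w.strip('"') for w in words[2:]]
    return profiles

def audit(text):
    """Return (profile, issue) pairs for profiles where the scan is off or hidden."""
    findings = []
    for name, s in parse_profiles(text).items():
        checks = [
            (s.get("forticlient-vuln-scan") == ["enable"], "forticlient-vuln-scan is not enabled"),
            ("vs" in s.get("forticlient-ui-options", []), "vs missing from forticlient-ui-options"),
            ("forticlient-vuln-scan-schedule" in s, "no explicit forticlient-vuln-scan-schedule"),
        ]
        findings += [(name, msg) for ok, msg in checks if not ok]
    return findings
```

Calling `audit()` on the sample returns three findings, all for the `kiosks` profile.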

Scan now

To perform a vulnerability scan, select the Scan Now button in the FortiClient console. FortiClient will scan your workstation for known vulnerabilities. The console displays the date of the last scan above the button.

You can select to use a FortiManager device for client software and signature updates. When configuring the FortiClient Profile, select Use FortiManager for client software/signature update to enable the feature and enter the IP address of your FortiManager device.

View vulnerabilities

When the scan is complete, FortiClient will display the number of vulnerabilities found in the FortiClient console.

Select the Vulnerabilities Detected link to view a list of vulnerabilities detected on your system. Alternatively, select Detected: X on the Vulnerability Scan tab to view the vulnerabilities.

This page displays the following:

Vulnerability Name
    The name of the vulnerability.
Severity
    The severity level assigned to the vulnerability: Critical, High, Medium, Low, or Info.
Details
    FortiClient vulnerability scan lists a Bugtraq (BID) number under the details column. You can select the BID to view details of the vulnerability on the FortiGuard site, or search the web using this BID number.
Close
    Close the window and return to the FortiClient console.

Select the Details ID number from the list to view information on the selected vulnerability on the FortiGuard site.

The site details the release date, severity, impact, description, affected products, and recommended actions.
