Tools
Preparing for the vulnerability scan job
FortiAnalyzer Version 3.0 MR7 Administration Guide
05-30007-0082-20080908
159
Some vulnerability scan modules, such as those that test file permissions or
check installed patch and software versions, require full access to the target host.
Vulnerability scan modules for Microsoft Windows hosts specifically require an
administrator account with access to not only the file system but also the registry.
You must configure the vulnerability scan job with the user name and password of
an administrator account to perform a full scan using all modules,.
You can provide the vulnerability scan with an administrator account by creating a
new local or domain administrator account, rather than providing an existing
administrator account. However, many Windows hosts are configured so that
accounts authenticating over the network inherit guest privileges, rather than the
administrator privileges they would normally use when logging in locally. Guest
privileges are not sufficient for all vulnerability scan modules. Change the network
access security policy for accounts to Classic: local users authenticate as
themselves to ensure that all modules have the privileges that they require to
function correctly when authenticating remotely, for the duration of the
vulnerability scan.
To configure the security policy for local accounts authenticating remotely
(Windows XP)
The following procedure describes how to modify the local security policy of a
Windows XP target host for which you have configured a local administrator
account. This procedure may vary for other versions of Windows, or for target
hosts whose security policy and user accounts are administered at the domain
level rather than locally to each host.
1
Go to
Start
>
Run
, enter
mmc
, and then select OK to start the Microsoft
Management Console.
2
If a security policy console file already exists, select
File
>
Open
to open the
existing console file.
If no security policy console file exists, select
File
>
New
to create a new console
file.
3
If the console root does not contain Local Computer Policy (a Group Policy Object
Editor snap-in that is stored on the local computer), you must add that snap-in.
For instructions, see the help for the Microsoft Management Console.
!
Caution:
Configuration changes necessary for a full vulnerability scan can temporarily
introduce additional risks. If possible, use a firewall or other method of mitigation, such as
FortiClient, to limit which hosts can access the target host during the vulnerability scan,
allowing only connections from the FortiAnalyzer, and undo any vulnerability scan
configuration changes after the scan.
!
Caution:
Use care when creating a domain or local security policy, and verify that there is
no pre-existing security policy. If you are unsure whether or not there is already an existing
security policy in effect, consult the owner of the system. Creating a new console may
overwrite any existing policy, including applying default values to settings that you have not
modified specifically for the remote vulnerability scan.
Содержание FortiAnalyzer 3.0 MR7
Страница 1: ...www fortinet com FortiAnalyzer Version 3 0 MR7 A D M I N I S T R A T I O N G U I D E...
Страница 74: ...FortiAnalyzer Version 3 0 MR7 Administration Guide 74 05 30007 0082 20080908 Maintenance System...
Страница 108: ...FortiAnalyzer Version 3 0 MR7 Administration Guide 108 05 30007 0082 20080908 Rolling and uploading logs Log...
Страница 138: ...FortiAnalyzer Version 3 0 MR7 Administration Guide 134 05 30007 0082 20080908 Browsing reports Reports...
Страница 150: ...FortiAnalyzer Version 3 0 MR7 Administration Guide 142 05 30007 0082 20080908 Output Alert...
Страница 180: ...FortiAnalyzer Version 3 0 MR7 Administration Guide 170 05 30007 0082 20080908 File Explorer Tools...
Страница 232: ...FortiAnalyzer Version 3 0 MR7 Administration Guide 220 05 30007 0082 20080908 Index...
Страница 233: ...www fortinet com...
Страница 234: ...www fortinet com...