Scanning

Scan Configuration

IMPORTANT: The RNA utilizes external IPs as the source of scanning traffic for external scans. To find the detailed list to add to your allow-list, see External RNA IPs.

Fortra VM scanners provide comprehensive, updated information about your environment’s security posture.

This page details the following topics:

  • Viewing, modifying, and creating scan policies
  • Managing scan credentials
  • Configuring scan results settings

Work with Scan Policies

This section describes how to view, modify, and create a scan policy, which is a set of instructions for a scanner. Fortra VM has default policies for several common scanning objectives (for example, application discovery, host discovery, port scanning).

While a scanner only uses one scanner profile at a time, a profile can accommodate many scans, each with a different policy. A scan policy essentially tells the scanner how to process the scan by identifying the scan speed, ports, scan credentials, password auditing, and the vulnerabilities to include or exclude.

Add Credentials

Authenticated scanning gives you safer and more accurate scanning of your environment.

While you can add credentials when creating a scan policy, modifying and deleting credentials can only be done through the Credentials Manager. See Scanning for more information.

See Authenticated Scanning for more information.

Configure Scan Results Settings

You can configure the type of scan information you receive on the Scan Results page (located by selecting System > Settings > Scan Results on the navigation menu).

From here, you can configure the following settings:

  • General

    • Risks and Threat Prioritization, including default risk weight

      TIP: Be aware that changing your Default risk weight can adversely affect your Security GPA. If you have questions about this feature, contact Fortra Technical Support.

      You can change the default rating scheme to see scan data with different rating systems.

      • DDI – follows Fortra’s proprietary rating scheme with severities ranging from critical to trivial

      • PCI – follows pass/fail status as determined by the PCI Security Standards Council

      • NVD – follows the Common Vulnerability Scoring System (CVSS) as determined by the National Vulnerability Database (NVD)

      IMPORTANT: The PCI rating scheme can be used to determine which vulnerabilities would pass or fail in a PCI assessment, but a PCI-ASV scanning subscription is required to run a full PCI assessment and receive an attestation of compliance.

  • Data retention, including Scan purge days

    NOTE: Scan data purged from Fortra VM cannot be restored.

  • Matching and Trending, including Use static IP matching internally, Use SLA Security GPA / SLA Security GPA days, and Active Threat Scanning Auto-Submit

    NOTE: Active Threat Scanning Auto-Submit must be enabled on your account.

    Figure 11 - Fortra VM Scan Results Settings page

Frequently Asked Questions