Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • EMS Administration Guide

    Home FortiClient 7.0.13 EMS Administration Guide
    7.0.13
    7.4.1
    7.4.0
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.9
    6.4.8
    6.4.7
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.8
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0

    Viewing top ten vulnerabilities on endpoints

    Viewing top ten vulnerabilities on endpoints

    To view top ten vulnerabilities on endpoints:
    1. Go to Dashboard > Vulnerability Scan. The Top 10 Vulnerabilities widget displays the type of vulnerability and how many hosts the vulnerability has been detected on.

    2. Do one of the following:
      1. Click the vulnerability name. You can view the vulnerability on FortiGuard.

      2. Click the number of hosts that are affected by a vulnerability. You can view a list of endpoints where the vulnerability has been detected.

        Refresh

        Click to refresh the list of vulnerabilities in the content pane.

        Clear Filters

        Click to clear all filters applied to the list of vulnerabilities.

        Hostname

        Hostname of the endpoint where the vulnerability was detected.

        Username

        User that is currently logged into the endpoint where the vulnerability was detected.

        Last Seen

        Time of the last Telemetry communication between FortiClient EMS and the endpoint.

        Scan Time

        Time of the last Vulnerability Scan on the endpoint.

        You can filter the list of vulnerable endpoints by any column by clicking the filter icon beside the desired heading. Enter the value to include in the filter. You can toggle the All/Any/Not button for the following options:

        • All: Display all files that match the set filter.
        • Any: Display any file that matches the set filter.
        • Not: Display only files that do not match the set filter.

        Here, you can also click the hostname to view all detected vulnerabilities on that endpoint. You can filter the list of vulnerabilities in the same way that you can filter the list of endpoints above.

        Vulnerability

        Name of the vulnerability.

        Category

        Category of the vulnerability.

        Severity

        Severity level of the vulnerability.

        Patch Status

        You can click the Patch button to patch the selected vulnerability with the next Telemetry communication between FortiClient EMS and the endpoint.

        If a patch is already scheduled for the vulnerability, this column displays Scheduled.

        If the vulnerability must be patched manually, this column displays Manual Patch.

        FortiClient may be unable to detect and automatically patch the vulnerability due to one of the following reasons:

        • Third-party application vulnerabilities: incorrect or missing installation paths
        • OS vulnerabilities: Windows update service is disabled

        In these cases, EMS may incorrectly display the status of these vulnerabilities that were selected to be automatically patched as Scheduled instead of Failed.

    Previous
    Next

    Viewing top ten vulnerabilities on endpoints

    Viewing top ten vulnerabilities on endpoints

    To view top ten vulnerabilities on endpoints:
    1. Go to Dashboard > Vulnerability Scan. The Top 10 Vulnerabilities widget displays the type of vulnerability and how many hosts the vulnerability has been detected on.

    2. Do one of the following:
      1. Click the vulnerability name. You can view the vulnerability on FortiGuard.

      2. Click the number of hosts that are affected by a vulnerability. You can view a list of endpoints where the vulnerability has been detected.

        Refresh

        Click to refresh the list of vulnerabilities in the content pane.

        Clear Filters

        Click to clear all filters applied to the list of vulnerabilities.

        Hostname

        Hostname of the endpoint where the vulnerability was detected.

        Username

        User that is currently logged into the endpoint where the vulnerability was detected.

        Last Seen

        Time of the last Telemetry communication between FortiClient EMS and the endpoint.

        Scan Time

        Time of the last Vulnerability Scan on the endpoint.

        You can filter the list of vulnerable endpoints by any column by clicking the filter icon beside the desired heading. Enter the value to include in the filter. You can toggle the All/Any/Not button for the following options:

        • All: Display all files that match the set filter.
        • Any: Display any file that matches the set filter.
        • Not: Display only files that do not match the set filter.

        Here, you can also click the hostname to view all detected vulnerabilities on that endpoint. You can filter the list of vulnerabilities in the same way that you can filter the list of endpoints above.

        Vulnerability

        Name of the vulnerability.

        Category

        Category of the vulnerability.

        Severity

        Severity level of the vulnerability.

        Patch Status

        You can click the Patch button to patch the selected vulnerability with the next Telemetry communication between FortiClient EMS and the endpoint.

        If a patch is already scheduled for the vulnerability, this column displays Scheduled.

        If the vulnerability must be patched manually, this column displays Manual Patch.

        FortiClient may be unable to detect and automatically patch the vulnerability due to one of the following reasons:

        • Third-party application vulnerabilities: incorrect or missing installation paths
        • OS vulnerabilities: Windows update service is disabled

        In these cases, EMS may incorrectly display the status of these vulnerabilities that were selected to be automatically patched as Scheduled instead of Failed.

    Previous
    Next