Fortinet white logo
Fortinet white logo

Administration Guide

File scan

File scan

FortiEDR can perform periodic scans of the files in the system on a scheduled or on-demand basis, based on its execution prevention policy. During a periodic scan, only the files on the hard drive are scanned and no memory scan is performed. For a periodic scan, each file on the hard drive is scanned. If a malicious file is identified during a scan, a security event is triggered.

To schedule a periodic scan:
  1. Click the TOOLS link in the left pane.
  2. In the FILE SCAN area, check the Perform Scheduled Scan checkbox. This checkbox must be checked to perform the scan according to the designated schedule.

  3. In the Frequency dropdown list, select how frequently to execute the scan. Options are Weekly, Bi-Weekly (every two weeks), or Monthly.
  4. In the Day dropdown list, select the day of the week to execute the scan.
  5. In the Hours dropdown list, select the hour of the day to execute the scan.
  6. Use the radio button to select on which devices the scheduled scan should be performed. When selecting Collector Groups or Collectors, you should specify which Groups or Collectors should be included in the scan. Devices that are not listed here are not scanned.
  7. Click the Save button. The scan is performed as scheduled.
To perform an on-demand file scan:
  1. Click the TOOLS link in the left pane.
  2. In the Ad hoc scan area, select which devices to scan by specifying one or more Collectors or Collector Groups, or selecting the All Collectors option to scan all devices with installed Collectors.

  3. Check the Scan executable files only checkbox to only scan executable files. This option enables a quicker scan, but neglects documents, scripts and other potentially malicious files.
  4. Click Scan now. The scan is performed immediately.

File scan

File scan

FortiEDR can perform periodic scans of the files in the system on a scheduled or on-demand basis, based on its execution prevention policy. During a periodic scan, only the files on the hard drive are scanned and no memory scan is performed. For a periodic scan, each file on the hard drive is scanned. If a malicious file is identified during a scan, a security event is triggered.

To schedule a periodic scan:
  1. Click the TOOLS link in the left pane.
  2. In the FILE SCAN area, check the Perform Scheduled Scan checkbox. This checkbox must be checked to perform the scan according to the designated schedule.

  3. In the Frequency dropdown list, select how frequently to execute the scan. Options are Weekly, Bi-Weekly (every two weeks), or Monthly.
  4. In the Day dropdown list, select the day of the week to execute the scan.
  5. In the Hours dropdown list, select the hour of the day to execute the scan.
  6. Use the radio button to select on which devices the scheduled scan should be performed. When selecting Collector Groups or Collectors, you should specify which Groups or Collectors should be included in the scan. Devices that are not listed here are not scanned.
  7. Click the Save button. The scan is performed as scheduled.
To perform an on-demand file scan:
  1. Click the TOOLS link in the left pane.
  2. In the Ad hoc scan area, select which devices to scan by specifying one or more Collectors or Collector Groups, or selecting the All Collectors option to scan all devices with installed Collectors.

  3. Check the Scan executable files only checkbox to only scan executable files. This option enables a quicker scan, but neglects documents, scripts and other potentially malicious files.
  4. Click Scan now. The scan is performed immediately.