Fortinet black logo

Cookbook

Security Fabric score

Copy Link
Copy Doc ID 9bd2f947-ece6-11ec-bb32-fa163e15d75b:514262
Download PDF

Security Fabric score

The Security Fabric score is calculated when a security rating check is run, based on the severity level of the checks that are passed or failed. A higher scores represents a more secure network. Points are added for passed checks and removed for failed checks.

Severity level

Weight (points)

Critical

50

High

25

Medium

10

Low

5

To calculate the number of points awarded to a device for a passed check, the following equation is used:

score =

<severity level weight>

× <secure FortiGate multiplier>

<# of FortiGates>

The secure FortiGate multiplier is determined using logarithms and the number of FortiGate devices in the Security Fabric.

For example, if there are four FortiGate devices in the Security Fabric that all pass the compatible firmware check, the score for each FortiGate device is calculated with the following equation:

50

× 1.292

= 16.15 points

4

All of the FortiGate devices in the Security Fabric must pass the check in order to receive the points. If any one of the FortiGate devices fails a check, the devices that passed are not awarded any points. For the device that failed the check, the following equation is used to calculated the number of points that are lost:

score =

<severity level weight>

x <secure FortiGate multiplier>

For example, if the check finds two critical FortiClient vulnerabilities, the score is calculated with the following equation:

-50

× 2

= -100 points

Scores are not affected by checks that do not apply to your network. For example, if there are no FortiAP devices in the Security Fabric, no points will be added or subtracted for the FortiAP firmware version check.

Security Fabric score

The Security Fabric score is calculated when a security rating check is run, based on the severity level of the checks that are passed or failed. A higher scores represents a more secure network. Points are added for passed checks and removed for failed checks.

Severity level

Weight (points)

Critical

50

High

25

Medium

10

Low

5

To calculate the number of points awarded to a device for a passed check, the following equation is used:

score =

<severity level weight>

× <secure FortiGate multiplier>

<# of FortiGates>

The secure FortiGate multiplier is determined using logarithms and the number of FortiGate devices in the Security Fabric.

For example, if there are four FortiGate devices in the Security Fabric that all pass the compatible firmware check, the score for each FortiGate device is calculated with the following equation:

50

× 1.292

= 16.15 points

4

All of the FortiGate devices in the Security Fabric must pass the check in order to receive the points. If any one of the FortiGate devices fails a check, the devices that passed are not awarded any points. For the device that failed the check, the following equation is used to calculated the number of points that are lost:

score =

<severity level weight>

x <secure FortiGate multiplier>

For example, if the check finds two critical FortiClient vulnerabilities, the score is calculated with the following equation:

-50

× 2

= -100 points

Scores are not affected by checks that do not apply to your network. For example, if there are no FortiAP devices in the Security Fabric, no points will be added or subtracted for the FortiAP firmware version check.