Add a scan
- Click Policy > Remediation Configuration.
- Click Add.
- Use the settings in the table below to enter the parameters for the script or profile you are adding.
- Click Apply.
Settings
Field |
Definition |
---|---|
Type |
The type of scan you are adding:
|
Script/Profile |
System scripts
Admin scansEnter a name for the scan. This scan is initiated on the Host Properties under the Health tab. |
Label |
Displayed on the failure page when a network user's PC has failed a scan. If no label is provided, the scan name is used. The label or scan name is a link that takes the user to a page indicating why the PC has failed the scan. |
Max Scan Execution Time (sec) |
The maximum length of time FortiNAC will wait for the scan to return a status of passed or failed. If the elapsed time is greater than this value, a script failed error is generated and the host returns to the queue of hosts waiting to be scanned. |
Status |
Enable or Disable the scan. This setting can be modified to allow the scan to run or to stop it from running. |
Target |
The sub-set of FortiNAC hosts that will be scanned.
|
Group |
Specify the FortiNAC host group to be scanned. This option is only available if you select Group as the Target. |
Security and Access Attribute Value |
Used to determine which scan is to be applied to hosts connecting to the network whose associated user has this value set in the Active Directory Security and Access attribute. The host inherits this value from the user. This option is only available if you select Directory Attribute as the Target. |
Patch URL |
The location of the URL containing instructions for users whose hosts fail the scan. This must be a local URL. |
Patch Information |
If a host has failed a scan, the user must remedy the issue and rescan. Use this second field to provide the user with a brief set of instructions. For this field to be displayed to the user, you must use the portal pages distributed with FortiNAC and the Use Portal Version 1 check box on the portal configuration window must be disabled. |