Administration Guide

Quarantine

Quarantine allows the Administrator to set the Risk State for all hosts to Safe. If a scan profile generates significant false negatives, resulting in multiple hosts being set to At Risk, this option allows the Administrator to change all hosts globally rather than setting each host to Safe individually. Once that has been done, the scan can be reconfigured and the hosts rescanned.

Quarantine VLAN switching can be globally enabled or disabled from the Quarantine view.

  1. Click System > Settings > Control > Quarantine.
  2. Mark the Enable Quarantine VLAN Switching check box with a check mark to enable it.
  3. If you need to set all hosts to Safe, click Apply.
  4. Click Save Settings.

Settings

Option: Quarantine VLAN Switching

Definition: When Quarantine VLAN Switching is set to Enable and the ports are in the Forced Remediation Group, the appliance switches unregistered hosts that are being scanned to the quarantine VLAN until the scan process is completed.

Registered hosts are scanned in the production VLAN. Once the scan is finished and the registered host has passed, the host remains in the production VLAN. If the host fails the scan, it is moved to the quarantine VLAN to remediate.

When set to Disable, all hosts remain in the production VLAN during the scan process even if the host fails the scan.

Default = Enable

Option: Set all hosts 'Risk State' to 'Safe'

Definition: Changes all hosts to Safe.
