Scans are configured to evaluate hosts connecting to the network. These scans search the host computer for things such as antivirus software or a particular version of an operating system. The categories within which the scan can search are fairly broad. To scan for very specific items, such as a file on the hard drive or a patch, you must create custom scans and then link custom scans to a general Scan.
The severity level set in the custom scan determines how the host is treated when it fails a custom scan. Levels can be set to deny the host access to the network or to just send a warning. See Severity level for additional details.
Custom scans that are associated with a scan can be configured to run at more frequent intervals than the Scan itself by setting up a Monitor in the Scan. This requires that the host have the Persistent Agent installed.
In addition to running a custom scan on any host that is evaluated by the associated Scan, you can use custom scans to refine or enhance other Scans. For example, if you have set up a Scan to check hosts for one of the following antivirus programs: AVG 8.5, Kaspersky, or Norton. Within the Kaspersky setting you can add a custom scan to search for a version that must be installed. This custom scan will not be run for hosts using AVG 8.5 or Norton. It will be run for hosts using Kaspersky.
Custom scans are created differently depending on the operating system on which they will run. You must create separate custom scans for each operating system.
When hosts fail a custom scan, they are redirected to the web page designated within the custom scan configuration. These web pages are not provided as part of the portal configuration. They must be created and stored on your FortiNAC appliance in the following directory:
Within the directory listed above there are other web pages that might serve as a template for the custom scans web pages. One option is to copy the
antivirus.jsp file to a new name and edit the text within that file to accommodate your custom scans.
User created web pages that display when a host fails a custom scan are now stored in
/bsc/Registration/registration/site. If you are using Portal Version 1 and have legacy pages that are stored in
/bsc/Registration/registration/sma, you do not need to move them to the new directory, they will continue to display to hosts as needed.