Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Administration Guide

    Home FortiNAC 9.4.0 Administration Guide
    9.4.0
    9.4.0
    9.2.0
    9.1.0
    8.8.0
    8.7.0
    8.6.0
    8.5.2
    8.3.0

    File scan

    File scan

    To create a custom scan for a specific file, enter the information shown in the table below into the custom scan window after selecting the File scan type.

    Scan parameter

    Description

    Label

    This label appears in the results page information to identify which scan the host failed.

    Severity

    The severity of the failure if the file is not on the host. See Severity level for more details.

    File Name

    The name of the file being checked.

    File Contains String

    Enter the content that must be present within the file in order for the host to pass the scan (e.g., the version number of a product in a configuration file). When the information is found, the host passes the scan. If the information is not found, the host fails the scan.

    Requires Agent 4.0.4 or greater.

    Registry Key

    To speed up the search for a file you can first check the registry to determine the folder in which the file is installed. In this field you would enter the section of the registry where the information about the file you seek resides.

    For example, if you want to make sure that Windows Messenger is installed on the host, the scan needs to look for msmsgs.exe. Enter the registry key that points to the Value Name containing the location of msmsgs.exe, such as:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MessengerService

    Registry Value Name

    The Value Name that contains the path to the file the custom scan is seeking.

    To continue the example above, the Registry Key listed in the previous field tells the custom scan the part of the registry to access to determine where msmsgs.exe is installed. Once the custom scan is looking in the correct section, it needs to know the specific "container" or Value Name in the registry that has the path to msmsgs.exe, such as:

    InstallationDirectory

    The custom scan can begin its search in the directory specified in the "InstallationDirectory" Value Name, such as:

    "C:\Program Files\Messenger"

    Execute

    Default = No. Select Yes to run the file when it is located.

    Command-Line Options

    Command line options to be used when executing the file.

    Wait for Execution to Complete Before
    Continuing

    Default = No. If set to Yes, the scan waits until the execution of the program is complete before continuing.

    File Version (>=)

    The version number of the file has to be greater than or equal to the version number entered here.

    Web Address

    The URL of the page with information about this file. If entered, this link appears on the Results page. This is a user created web page. It must be stored in:

    /bsc/Registration/registration/site

    When completing this field you must enter part of the path for the page not just the page name, such as:

    site/pagename.jsp

    Windows OS

    Select the check box next to the version(s) of Windows for which this key is required.

    Prohibit this product

    If the file is found and this is set to true, the host fails the scan for a prohibited product.

    Default = false.
    Previous
    Next

    File scan

    File scan

    To create a custom scan for a specific file, enter the information shown in the table below into the custom scan window after selecting the File scan type.

    Scan parameter

    Description

    Label

    This label appears in the results page information to identify which scan the host failed.

    Severity

    The severity of the failure if the file is not on the host. See Severity level for more details.

    File Name

    The name of the file being checked.

    File Contains String

    Enter the content that must be present within the file in order for the host to pass the scan (e.g., the version number of a product in a configuration file). When the information is found, the host passes the scan. If the information is not found, the host fails the scan.

    Requires Agent 4.0.4 or greater.

    Registry Key

    To speed up the search for a file you can first check the registry to determine the folder in which the file is installed. In this field you would enter the section of the registry where the information about the file you seek resides.

    For example, if you want to make sure that Windows Messenger is installed on the host, the scan needs to look for msmsgs.exe. Enter the registry key that points to the Value Name containing the location of msmsgs.exe, such as:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MessengerService

    Registry Value Name

    The Value Name that contains the path to the file the custom scan is seeking.

    To continue the example above, the Registry Key listed in the previous field tells the custom scan the part of the registry to access to determine where msmsgs.exe is installed. Once the custom scan is looking in the correct section, it needs to know the specific "container" or Value Name in the registry that has the path to msmsgs.exe, such as:

    InstallationDirectory

    The custom scan can begin its search in the directory specified in the "InstallationDirectory" Value Name, such as:

    "C:\Program Files\Messenger"

    Execute

    Default = No. Select Yes to run the file when it is located.

    Command-Line Options

    Command line options to be used when executing the file.

    Wait for Execution to Complete Before
    Continuing

    Default = No. If set to Yes, the scan waits until the execution of the program is complete before continuing.

    File Version (>=)

    The version number of the file has to be greater than or equal to the version number entered here.

    Web Address

    The URL of the page with information about this file. If entered, this link appears on the Results page. This is a user created web page. It must be stored in:

    /bsc/Registration/registration/site

    When completing this field you must enter part of the path for the page not just the page name, such as:

    site/pagename.jsp

    Windows OS

    Select the check box next to the version(s) of Windows for which this key is required.

    Prohibit this product

    If the file is found and this is set to true, the host fails the scan for a prohibited product.

    Default = false.
    Previous
    Next