Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 26.2.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    User Guide

    Home FortiRecon 26.2.0 User Guide
    26.2.0
    26.2.0
    26.1.a
    26.1.0
    25.4.a
    25.4.0
    25.3.a
    25.3.0
    25.2.a
    25.2.0
    25.1.a
    25.1.0
    24.4.b
    24.4.a
    24.4.0
    24.3.a
    24.3.0
    24.2.b
    24.2.a
    24.2.0
    24.1.b
    24.1.a
    24.1.0
    23.4.a
    23.4.0
    23.3.a
    23.3.0
    23.2.b
    23.2.a
    23.2.0
    23.1.b
    23.1.a
    23.1.0
    22.4.a
    22.4.0
    22.3.0
    22.2.0

    Reviewing Service Discovery

    Reviewing Service Discovery

    The Service Discovery view provides a technical breakdown of the services, protocols, and versions running on your internal assets. You can access the Service Discovery view through the following two methods:

    1. From Security Issues page: Navigate to Attack Surface Management > Security Issues > IASM. Click an issue title to view the affected assets. If discovery data is available, click the gear icon next to the port number for a specific asset.

    2. From Asset Discovery page: Navigate to Attack Surface Management > Asset Discovery > IASM. In the IP Addresses tab, locate the required asset and click the gear icon next to the Open Ports count. Use the Search bar at the top to filter results by port

    The following information is displayed.

    • Discovered Date: The date the service was identified.

    • Port: The network port number.

    • Service: The name of the identified service or protocol.

    • Version: The version of the service, if detected.

    • CPE: The Common Platform Enumeration (CPE) string identifying the hardware or software.

    Click View Full Detail in the table to expand the metadata for a specific entry. This section provides granular discovery data, including:

    • CPE: The full CPE identifier.

    • Created Date: The precise system timestamp of the discovery.

    • IP Address: The IP address of the target asset.

    • Port: The specific port associated with the entry.

    • Product: The identified product name (e.g., simatic_s7-1500_et_200pro). This is especially useful for identifying OT and IoT devices.

    • Service: The protocol or service type identified.

    Previous
    Next

    Reviewing Service Discovery

    Reviewing Service Discovery

    The Service Discovery view provides a technical breakdown of the services, protocols, and versions running on your internal assets. You can access the Service Discovery view through the following two methods:

    1. From Security Issues page: Navigate to Attack Surface Management > Security Issues > IASM. Click an issue title to view the affected assets. If discovery data is available, click the gear icon next to the port number for a specific asset.

    2. From Asset Discovery page: Navigate to Attack Surface Management > Asset Discovery > IASM. In the IP Addresses tab, locate the required asset and click the gear icon next to the Open Ports count. Use the Search bar at the top to filter results by port

    The following information is displayed.

    • Discovered Date: The date the service was identified.

    • Port: The network port number.

    • Service: The name of the identified service or protocol.

    • Version: The version of the service, if detected.

    • CPE: The Common Platform Enumeration (CPE) string identifying the hardware or software.

    Click View Full Detail in the table to expand the metadata for a specific entry. This section provides granular discovery data, including:

    • CPE: The full CPE identifier.

    • Created Date: The precise system timestamp of the discovery.

    • IP Address: The IP address of the target asset.

    • Port: The specific port associated with the entry.

    • Product: The identified product name (e.g., simatic_s7-1500_et_200pro). This is especially useful for identifying OT and IoT devices.

    • Service: The protocol or service type identified.

    Previous
    Next