VA policies are best practice business rules that are applied during assessments. FortiDB is pre-populated with hundreds of policies for security and compliance to address security standards.
There are two types of policies you can use for database vulnerability assessments.
You can use the policy groups that ship with FortiDB or create your own.
Fortinet updates its policies several times a year with an XML file containing new or enhanced policies. Fortinet recommends that you import this list in order to stay current. You can download the latest policies from FortiGuard Center. For details, please refer to Managing Pre-Defined Policies (PDPs).
The policy version tracks:
The policy version number will be incremented when you import the PDP Updates.
When you update your User-defined policy (UDP) in the Modify User Defined Policy page, the policy version number remains same. To update the policy version number, you must export your UDP, change the policy version number, then import the policy. When you import your UDP with an equal or lower policy number than the original policy number, the policy will not be imported.
Assessments use policy groups. A policy group must contain at least one policy.
These are the policy groups shipped with FortiDB.
At a given moment, a FortiDB policy will be in one of the following states:
State(applicable icon) | Indication |
---|---|
Enabled () | Subsequent assessments will use this policy. |
Disabled () | Subsequent assessments will not use this policy. |
Modified and Enabled ( ) | A previously existing policy has been modified by an import and subsequent assessments will use this policy. |
Modified and Disabled () | A previously existing policy has been modified by an import and subsequent assessments will not use this policy. |
New and Enabled () | A new policy has been added by an import and subsequent assessments will use this policy. |
New and Disabled () | A new policy has been added by an import and subsequent assessments will not use this policy. |
Keywords are read-only pre-defined policy keywords.
User Keywords are input by you, and can be used as a criterion for grouping.
FortiDB 5.0.0 Handbook 1st Edition , July 11 2013 © Copyright 2013 Fortinet Inc. All rights reserved. Latest documentation: http://docs.fortinet.com/fdb.html |