Advanced/optional system settings : Global configuration : Assessment properties
 
Assessment properties
Property
Description
Default
Enable Localhost Auto Discovery
Enables FortiDB to run auto discovery on the machine where the FortiDB application resides.
Valid values are true or false.
false
Number of Concurrent Assessments
Total number of assessments which can run simultaneously.
The optimum value of this parameter depends on your environment but tuning this parameter affects assessment performance and CPU usage by FortiDB.
Note: Assuming that each assessment has at least one target database, the value of Number of Concurrent Assessments can never exceed the Number of Concurrent Target Assessments value.
5
Number of Concurrent Target Assessments
Total number of target databases that can be assessed simultaneously during assessments.
The optimum value of Number of Concurrent Target Assessments depends on your environment, but tuning this parameter affects assessment performance and CPU usage by FortiDB.
Note: Assuming that each assessment has at least one target database, the value of Number of Concurrent Assessments can never exceed the Number of Concurrent Target Assessments value.
20
SSH Key File
(appliance version)
For Oracle OSVA and DB2 databases only, the file that contains the private key used for all SSH connections.
Click Browse to select your SSH key file, and then click Save.
You can upload an RSA or DSA private key file type.
If you upload a key file and a key file already exists in the appliance, FortiDB replaces the old key with the new key.
Uploaded key files are renamed id_rsa or id_dsa, depending on the type of key that was uploaded.
Warning: If you click Restore Default(s) and then Save button, FortiDB deletes your key file. Please keep a copy of the file in a safe place.
-
MSSQL Server Level Exclusions
A comma-separated list of databases that FortiDB does not scan when it performs a Server Level scan of a Microsoft SQL database.
model,tempdb,pubs,msdb,Northwind
Sybase Server Level Exclusions
A comma-separated list of databases that FortiDB does not scan when it performs a Server Level scan of a Sybase database.
model, tempdb, pubs2, pubs3,jpubs, sybsyntax,sybsecurity,sybsystemdb, sybsystemprocs
Enable Pen Test
When set to true, the penetration test (pentest) capability is enabled.
When set to false, the pentest capability is disabled.
For more information on penetration tests, see “Penetration tests”.
false
Enable Pen Test For All Users in Database (software-only version)
Specifies whether FortiDB uses the user names in <dbtype>user.txt.
For more information on the file, see “Files used for penetration tests”
true
Pen Test Method
Specifies the method that FortiDB uses to connect to databases to perform penetration tests (pentests).
Caution: If the penetration test login attempts are unsuccessful, the database may prevent any users, including valid users, from logging in.
Valid values are:
1 - FortiDB logs in to your target databases to perform pentests.(login method)
2 - FortiDB uses the hash-based method. A 'hash' is the value obtained after encrypting a clear-text string.
3 - FortiDB attempts the best available method. FortiDB uses the hash-based method is available.
For more information on these methods, see “Connection options for penetration tests”
3 (hybrid)
Pen Test Password Dictionary
Specifies either the default password dictionary or a file that contains the passwords to check when the penetration test uses the Dictionary policy.
Click Choose File to select your dictionary file, and then click Save button to complete your selection.
FortiDB does not display the name of the uploaded file.
To restore the default dictionary, select the Pen Test Password Dictionary item, click Restore Default(s), and then click Save. Your dictionary file is deleted.
Note: When you restore the default dictionary by checking the checkbox, and selecting Restore Default(s) and then Save, FortiDB deletes your dictionary file.
For more information on the password dictionary file, see “Files used for penetration tests”.
 
See also
Auto-discovery
Adding or modifying assessments
Configuring SSH connections to Oracle and DB2 databases
Adding (or modifying) a target connection
Penetration tests