FORTIGUARD® COMPLIANCE AND VULNERABLITY MANAGEMENT SERVICE

The FortiScan platform uses a bundled service that adds FortiGuard Compliance Policies to the Vulnerablity Management Service. FortiScan provides all the benefits of the Vulnerablity Management Service. With FortiGuard Compliance, organizations can realize quick time-to-value with easy to install, intuitive, high-value standard compliance policies (NIST SCAP, FDCC, PCI-DSS, SOX, GLBA, HIPAA). These policies are continuously updated to ensure OS regulatory compliance requirements are met and updates are delivered via the FortiGuard global distribution network.

• Hundreds of compliance policies are ready to use "out of the box" with regular FortiGuard updates.
• Compliance exposures are quickly identified on hosts, servers and throughout the network transparently to end-users.
• Reduced errors, repeatable processes, and predictable results are delivered with extensive libraries of templates that enable IT staff to leverage industry standard best practices that produce measurable results.
• More than 5,000 vulnerabilities detected by signature dataset.
• Asset prioritization allows network security managers to focus on the items that will most effectively reduce risk on critical systems.
• Scan reports provide a link to an existing FortiOS IPS signature and a solution (whenever possible).
• Vulnerability signatures are automatically retrieved and applied to scan definitions
• Device-based licensing eliminates per-user fees to significantly lower entry cost and ongoing maintenance costs.

Acronym Key:

NIST: [US] National Institute of Standards and Technology
SCAP: Security Content Automation Protocol
FDCC: [US] Federal Desktop Core Configuration
PCI-DSS: Payment Card Industry Data Security Standards
SOX: Sarbanes-Oxley Act of 2002
GLBA: Gramm-Leach-Bliley Financial Services Modernization Act
HIPAA: Health Insurance Portability and Accountability Act