Security Rating

Facebooktwittergoogle_plusredditpinterestlinkedinFacebooktwittergoogle_plusredditpinterestlinkedin

In this recipe, you run a Security Rating check, which analyzes the Fortinet Security Fabric deployment to identify potential vulnerabilities and highlight best practices.

Using the Security Rating can help you improve your network configuration, deploy new hardware and software, and gain more visibility and control over your network. By regularly checking your Security Rating and your Security Rating Score, and making the recommended improvements, you can have confidence that your network is getting more secure over time.

This recipe is in the Fortinet Security Fabric Collection. You can also use it as a standalone recipe.

To run all available checks, you must have a valid Security Rating license from FortiGuard. If you don’t have a license, only certain checks are available. For more information about these checks, see Security Best Practices & Security Rating Feature.

Note: Not all FortiGate models can run the FortiGuard Security Rating Service if they are the root FortiGate in a Security Fabric. For more information, see the FortiOS 6.0 Release Notes.

Find this recipe for other FortiOS versions
5.6 | 6.0

1. Checking the Security Rating widget

Go to the Dashboard and locate the Security Rating widget. In the example, the widget doesn’t display any information because it’s not properly configured.

 

Once you configure the widget, it displays a comparison between your Security Rating and the ratings of other organizations.You can compare your rating to the ratings of organizations that belong to all industries or the same industry as your organization. . You can also compare your rating with organizations in your region or all regions.

To change which organizations your score is compared to, select the options menu in the top right corner, then select Settings.

2. Checking your Security Rating

On Edge, go to Security Fabric > Security Rating. The Security Rating runs automatically on the root FortiGate. However, if you want more recent results, select Run Now to run another Security Rating.

You can also select whether to run the Security Rating on All FortiGates or on specific FortiGate devices in the Security Fabric.

At the top of the page, you can see your network’s Security Rating, which shows which percentile your network is in compared to other organizations. You can also see your Security Rating Score, which is based on how many checks your Security Fabric passed or failed, and how many FortiGate units are in your network.

Further down the page, you can see information about each failed check, including which FortiGate failed the check, the effect on your Security Rating Score, and recommendations for how you can the issue.

In the next step of the Security Rating, you can apply recommendations marked as Easy Apply to any FortiGate in the Security Fabric. However, if the Security Rating results are older than 30 minutes, you must first run it again to make sure all information is current and accurate.

By using Easy Apply, you can change the configuration of any FortiGate in the Security Fabric from the root FortiGate.

Select all the changes that you want to make, then select Apply Recommendations.

3. Results

Go to the Dashboard. The Security Rating widget displays information from the most recent Security Rating check.

Go to Security Fabric > Physical Topology. Each FortiGate has a Security Rating indicator, which is circle that contains a number. The number shows how many checks the FortiGate failed and the color shows the severity of failed checks (red for critical, orange for high, yellow for medium, and blue for low).

To view the failed checks on a specific FortiGate unit, select the Security Rating indicator on the FortiGate in the topology.

A screen appears, showing the Security Rating recommendations for that unit. You can also apply Easy Apply recommendations from here.

 

 

For further reading, check out Running a Security Fabric Rating in the FortiOS 6.0 Online Help.

Victoria Martin

Victoria Martin

Technical Writer at Fortinet
Victoria Martin works in Ottawa as part of the FortiOS technical documentation team. She graduated with a Bachelor's degree from Mount Allison University, after which she attended Humber College's book publishing program, followed by the more practical technical writing program at Algonquin College. She does need glasses but also likes wearing them, since glasses make you look smarter.
Victoria Martin
  • Was this helpful?
  • Yes   No
Your FortiCare account settings determine your industry categorization.