IMPORTANT
SNS 3.x versions have reached End of Maintenance since July 1st, 2024.
We recommend that you update your SNS firewalls to a version with maintenance to guarantee the protection of your infrastructure.
VULNERABILITY MANAGEMENT
In this menu, you will be able to configure your policy for managing vulnerabilities that may appear on your network.
You can assign a detection profile to a host, network, group or address range. There are 12 pre-configured profiles by default.
The configuration of vulnerability management therefore simply consists of:
- Linking network objects to detection profiles and
- Deciding which recipients will receive vulnerability reports.
The Vulnerability management configuration screen comprises 2 zones:
- A General configuration zone: it contains a checkbox for enabling the module and various items for the general configuration.
- Advanced properties: an area for determining data lifetime and excluded objects.
WARNING
The index of applications is based on the IP address of the host initiating the traffic.
A single IP address shared by several users can create a heavy load on the module. This happens for example, when an http proxy, a TSE server or a router that performs dynamic NAT from the source, is used. It is therefore recommended that these shared IP addresses be placed in the exclusion list.