IMPORTANT
Action required: Apply the fix for SNS firewall disks.
Please follow the procedure described in the How to update my SSD Firmware - Stormshield Knowledge Base article (authentication required).
VULNERABILITY MANAGEMENT
In this menu, you will be able to configure your policy for managing vulnerabilities that may appear on your network.
You can assign a detection profile to a host, network, group or address range. There are 12 pre-configured profiles by default.
The configuration of vulnerability management therefore simply consists of:
- Linking network objects to detection profiles and
- Deciding which recipients will receive vulnerability reports.
The Vulnerability management configuration screen comprises 2 zones:
- A General configuration zone: it contains a checkbox for enabling the module and various items for the general configuration.
- Advanced properties: an area for determining data lifetime and excluded objects.
WARNING
The index of applications is based on the IP address of the host initiating the traffic.
A single IP address shared by several users can create a heavy load on the module. This happens for example, when an HTTP proxy, a TSE server or a router that performs dynamic NAT from the source, is used. It is therefore recommended that these shared IP addresses be placed in the exclusion list.