Fortinet black logo

Administration Guide

Home FortiDeceptor 2.1.0 Administration Guide
2.1.0
5.3.0
5.2.0
5.1.0
5.0.0
4.3.0
4.2.0
4.1.1
4.1.0
4.0.2
4.0.1
4.0.0
3.3.3
3.3.2
3.3.1
3.3.0
3.2.2
3.2.1
3.2.0
3.1.1
3.1.0
3.0.2
3.0.1
3.0.0
2.1.0
2.0.0
1.1.0
1.0.1

Quarantine Status

Quarantine Status

The Quarantine Status menu displays the status of blocking/quarantine IP addresses. It also lets you manually block/unblock devices. Following options are available:

Refresh

Refresh the page to get latest data.

Block

Manually send a blocking request for the selected attacker IP addresses in the table.

Unblock

Manually send an unblocking request for the selected attack IP addresses in the table.

The following information is displayed:

Attacker IP

The IP addresses of blocked attacker.

Start

The start time of blocking behavior.

End

The end time of blocking behavior.

Handler Address

The IP address of the integrated FortiGate.

Handler

The integrated device type.

Handle Type

The blocking type, manual or automatic quarantine.

Time to Live

The blocking time period.

Status

The current status of the attacker.

Message

The related message for the blocking entry.

IOC Export

The IOC Export function exports the IOC file in CSV format for a specified time period. The CSV file can be processed by third party Threat Intelligence Platforms. The file contains the TimeStamp, Incident time, Attacker IP, related files and WCF (Web Content Filtering) events. The export configuration includes MD5 checksums, WCF category and Reconnaissance Alerts.

Previous
Next

Quarantine Status

The Quarantine Status menu displays the status of blocking/quarantine IP addresses. It also lets you manually block/unblock devices. Following options are available:

Refresh

Refresh the page to get latest data.

Block

Manually send a blocking request for the selected attacker IP addresses in the table.

Unblock

Manually send an unblocking request for the selected attack IP addresses in the table.

The following information is displayed:

Attacker IP

The IP addresses of blocked attacker.

Start

The start time of blocking behavior.

End

The end time of blocking behavior.

Handler Address

The IP address of the integrated FortiGate.

Handler

The integrated device type.

Handle Type

The blocking type, manual or automatic quarantine.

Time to Live

The blocking time period.

Status

The current status of the attacker.

Message

The related message for the blocking entry.

IOC Export

The IOC Export function exports the IOC file in CSV format for a specified time period. The CSV file can be processed by third party Threat Intelligence Platforms. The file contains the TimeStamp, Incident time, Attacker IP, related files and WCF (Web Content Filtering) events. The export configuration includes MD5 checksums, WCF category and Reconnaissance Alerts.

Previous
Next