Fortinet black logo

Administration Guide

Home FortiDeceptor 3.0.0 Administration Guide

Blocking

3.0.0
5.3.0
5.2.0
5.1.0
5.0.0
4.3.0
4.2.0
4.1.1
4.1.0
4.0.2
4.0.1
4.0.0
3.3.3
3.3.2
3.3.1
3.3.0
3.2.2
3.2.1
3.2.0
3.1.1
3.1.0
3.0.2
3.0.1
3.0.0
2.1.0
2.0.0
1.1.0
1.0.1
Copy Link
Copy Doc ID 7231d54a-211f-11ea-9384-00505692583a:732297
Download PDF

Blocking

Use FortiGate Integration to configure FortiGate settings for integration with FortiDeceptor. FortiDeceptor uses FortiGate REST APIs to make quarantine calls when decoys are accessed. Attackers are immediately quarantined on the FortiGate for further analysis.

The following options are available:

Severity level

Select the security level. The selected level and all levels above it are blocked. For example, if you select Medium, then medium, high, and critical levels are blocked. If you select Critical, then only the critical level is blocked.

Add new block configuration

Create a new FortiGate integration setting.

Update

Save the modified FortiGate integration setting to a configuration file.

Cancel

Discard current changes.

Edit

Edit the record.

Delete

Delete the record.

Test

Manually send quarantine request to the corresponding FortiGate.

The following information is displayed:

Name

Alias name of the integrated FortiGate.

IP

IP address of the integrated FortiGate.

User

Username of the integrated FortiGate.

Password

Password of that username.

Port

Port number of the integrated FortiGate REST API service. Default port number is 443.

Default Expiry

Default blocking time in second. Default is 3600 seconds.

Default VDOM

The default access VDOM of the integrated FortiGate.

Type

FortiGate (read only value).

Enabled

Enable or disable the integration setting.
Previous
Next

Blocking

Use FortiGate Integration to configure FortiGate settings for integration with FortiDeceptor. FortiDeceptor uses FortiGate REST APIs to make quarantine calls when decoys are accessed. Attackers are immediately quarantined on the FortiGate for further analysis.

The following options are available:

Severity level

Select the security level. The selected level and all levels above it are blocked. For example, if you select Medium, then medium, high, and critical levels are blocked. If you select Critical, then only the critical level is blocked.

Add new block configuration

Create a new FortiGate integration setting.

Update

Save the modified FortiGate integration setting to a configuration file.

Cancel

Discard current changes.

Edit

Edit the record.

Delete

Delete the record.

Test

Manually send quarantine request to the corresponding FortiGate.

The following information is displayed:

Name

Alias name of the integrated FortiGate.

IP

IP address of the integrated FortiGate.

User

Username of the integrated FortiGate.

Password

Password of that username.

Port

Port number of the integrated FortiGate REST API service. Default port number is 443.

Default Expiry

Default blocking time in second. Default is 3600 seconds.

Default VDOM

The default access VDOM of the integrated FortiGate.

Type

FortiGate (read only value).

Enabled

Enable or disable the integration setting.
Previous
Next