Fortinet black logo

Administration Guide

Home FortiDeceptor 3.0.2 Administration Guide

FortiGate Integration

3.0.2
5.3.0
5.2.0
5.1.0
5.0.0
4.3.0
4.2.0
4.1.1
4.1.0
4.0.2
4.0.1
4.0.0
3.3.3
3.3.2
3.3.1
3.3.0
3.2.2
3.2.1
3.2.0
3.1.1
3.1.0
3.0.2
3.0.1
3.0.0
2.1.0
2.0.0
1.1.0
1.0.1
Copy Link
Copy Doc ID 0e0598f0-22ba-11eb-96b9-00505692583a:732297
Download PDF

FortiGate Integration

Use Fabric > FortiGate Integration to configure FortiGate settings for integration with FortiDeceptor. FortiDeceptor uses FortiGate REST APIs to make quarantine calls when decoys are accessed. Attackers are immediately quarantined on the FortiGate for further analysis.

The following options are available:

Severity level

Select the security level. The selected level and all levels above it are blocked. For example, if you select Medium, then medium, high, and critical levels are blocked. If you select Critical, then only the critical level is blocked.

Add new block configuration

Create a new FortiGate integration setting.

Update

Save the modified FortiGate integration setting to a configuration file.

Cancel

Discard current changes.

Edit

Edit the record.

Delete

Delete the record.

Test

Manually send quarantine request to the corresponding FortiGate.

The following information is displayed:

Name

Alias of the integrated FortiGate.

IP

IP address of the integrated FortiGate.

User

Username of the integrated FortiGate.

Password

Password of that username.

Port

Port number of the integrated FortiGate REST API service. Default is 443.

Default Expiry

Default blocking time in second. Default is 3600 seconds.

Default VDOM

The default access VDOM of the integrated FortiGate.

Type

FortiGate (read-only value).

Enabled

Enable or disable the integration setting.
Previous
Next

FortiGate Integration

Use Fabric > FortiGate Integration to configure FortiGate settings for integration with FortiDeceptor. FortiDeceptor uses FortiGate REST APIs to make quarantine calls when decoys are accessed. Attackers are immediately quarantined on the FortiGate for further analysis.

The following options are available:

Severity level

Select the security level. The selected level and all levels above it are blocked. For example, if you select Medium, then medium, high, and critical levels are blocked. If you select Critical, then only the critical level is blocked.

Add new block configuration

Create a new FortiGate integration setting.

Update

Save the modified FortiGate integration setting to a configuration file.

Cancel

Discard current changes.

Edit

Edit the record.

Delete

Delete the record.

Test

Manually send quarantine request to the corresponding FortiGate.

The following information is displayed:

Name

Alias of the integrated FortiGate.

IP

IP address of the integrated FortiGate.

User

Username of the integrated FortiGate.

Password

Password of that username.

Port

Port number of the integrated FortiGate REST API service. Default is 443.

Default Expiry

Default blocking time in second. Default is 3600 seconds.

Default VDOM

The default access VDOM of the integrated FortiGate.

Type

FortiGate (read-only value).

Enabled

Enable or disable the integration setting.
Previous
Next