Fortinet Document Library
Version:
4.2.0
4.1.1
4.1.0
Version:
4.0.1
4.0.0
3.3.2
Version:
3.3.1
3.3.0
3.2.2
Version:
3.2.1
3.2.0
3.1.1
Version:
3.1.0
3.0.2
3.0.1
Version:
3.0.0
2.1.0
2.0.0
Version:
1.1.0
1.0.1
Table of Contents
Introduction
Set up FortiDeceptor
Connect to the GUI
Connect to the CLI
Change the system hostname
Change the administrator password
Configure the system time
Upload license file to FortiDeceptor VM
Default port information
Central Management
Deploy Decoy VM
Customize Decoy VMs
View available Deception OS
Set up the Deployment Network
Deploy Decoy VMs with the Deployment Wizard
Deploy the FortiDeceptor token package
Monitor Decoy & Lure Status
Deployment Map
Configure a Safe List
Lure Resources
DMZ Mode
Monitor Attacks
Analysis
Campaign
Attack Map
Incidents and Events Distribution
Incidents and Events Count
Top 10 Attackers by Events
Top 10 Attackers by Incidents
Top 10 IPS Attacks
Incidents Distribution by Service
Global Attacker Distribution
Fabric
Integration Devices
Quarantine Status
System
Administrators
Admin Profiles
Certificates
LDAP Servers
RADIUS Servers
Mail Server
SNMP
FortiGuard
Settings
Login Disclaimer
Table Customization
System Settings
Dashboard
Customizing the dashboard
System Information
System Resources
Decoy Distribution by OS
Lure Distribution
Top Critical Logs
Disk Monitor
Basic System Settings
Change the GUI idle timeout
Microsoft Windows VM license activation
Log out of the unit
Update FortiDeceptor firmware
Reboot or shut down the unit
Back up or restore the system configuration
Network
Interfaces
DNS Configuration
System Routing
System Log
Logging Levels
Raw logs
Log Categories
Log Servers
Deploying FortiDeceptor in offline or air-gapped networks
Applying the license in an offline or air-gapped network
Importing deception VMs in an offline or air-gapped network
Importing firmware in an offline or air-gapped network
Importing an FDS package via FDC GUI in an offline or air-gapped network
Importing FDS package and license file via FortiManager in an offline or air-gapped network
Deception deployment best practices
Deception strategy
Deception strategy components
Deception strategy goals
Deception philosophy
Deception light stack vs full stack
FortiDeceptor platform
FortiDeceptor components
FortiDeceptor lures
FortiDeceptor decoys
Deploying deception
Deception decoy best practices
Deception lure best practices
AD integration best practices
Deployment best practices checklist
Network topology best practices
Attack vectors vs deception
Compromised internal endpoint using lateral movement
Lateral movement based on AD mapping
Lateral movement based on Mimikatz / PTH
Deploying tokens using AD GPO logon script
Configuring trunk ports on FortiDeceptor VM
Change Log
Home
FortiDeceptor 3.3.0
Administration Guide
Administration Guide
Introduction
Set up FortiDeceptor
Connect to the GUI
Connect to the CLI
Change the system hostname
Change the administrator password
Configure the system time
Upload license file to FortiDeceptor VM
Default port information
Central Management
Deploy Decoy VM
Customize Decoy VMs
View available Deception OS
Set up the Deployment Network
Deploy Decoy VMs with the Deployment Wizard
Deploy the FortiDeceptor token package
Monitor Decoy & Lure Status
Deployment Map
Configure a Safe List
Lure Resources
DMZ Mode
Monitor Attacks
Analysis
Campaign
Attack Map
Incidents and Events Distribution
Incidents and Events Count
Top 10 Attackers by Events
Top 10 Attackers by Incidents
Top 10 IPS Attacks
Incidents Distribution by Service
Global Attacker Distribution
Fabric
Integration Devices
Quarantine Status
System
Administrators
Admin Profiles
Certificates
LDAP Servers
RADIUS Servers
Mail Server
SNMP
FortiGuard
Settings
Login Disclaimer
Table Customization
System Settings
Dashboard
Customizing the dashboard
System Information
System Resources
Decoy Distribution by OS
Lure Distribution
Top Critical Logs
Disk Monitor
Basic System Settings
Change the GUI idle timeout
Microsoft Windows VM license activation
Log out of the unit
Update FortiDeceptor firmware
Reboot or shut down the unit
Back up or restore the system configuration
Network
Interfaces
DNS Configuration
System Routing
System Log
Logging Levels
Raw logs
Log Categories
Log Servers
Deploying FortiDeceptor in offline or air-gapped networks
Applying the license in an offline or air-gapped network
Importing deception VMs in an offline or air-gapped network
Importing firmware in an offline or air-gapped network
Importing an FDS package via FDC GUI in an offline or air-gapped network
Importing FDS package and license file via FortiManager in an offline or air-gapped network
Deception deployment best practices
Deception strategy
Deception strategy components
Deception strategy goals
Deception philosophy
Deception light stack vs full stack
FortiDeceptor platform
FortiDeceptor components
FortiDeceptor lures
FortiDeceptor decoys
Deploying deception
Deception decoy best practices
Deception lure best practices
AD integration best practices
Deployment best practices checklist
Network topology best practices
Attack vectors vs deception
Compromised internal endpoint using lateral movement
Lateral movement based on AD mapping
Lateral movement based on Mimikatz / PTH
Deploying tokens using AD GPO logon script
Configuring trunk ports on FortiDeceptor VM
Change Log
3.3.0
4.2.0
4.1.1
4.1.0
4.0.1
4.0.0
3.3.2
3.3.1
3.3.0
3.2.2
3.2.1
3.2.0
3.1.1
3.1.0
3.0.2
3.0.1
3.0.0
2.1.0
2.0.0
1.1.0
1.0.1
Download PDF
Copy Link
DNS Configuration
You can configure the primary and secondary DNS server addresses in
Network > System DNS
.
DNS Configuration
You can configure the primary and secondary DNS server addresses in
Network > System DNS
.
Link
PDF
TOC
