DMZ Mode
Deploy a FortiDeceptor hardware unit or VM in the Demilitarized Zone (DMZ). You can monitor attacks on the DMZ network when FortiDeceptor is installed in the DMZ network.
Limitations of the DMZ Mode
The DMZ Mode in FortiDeceptor functions like regular mode with the following exceptions:
- When DMZ mode is enabled, the banner displays DMZ-MODE.
- In Deception > Deployment Network, Deception Monitor IP/Mask is hidden. See Set up the Deployment Network.
- In Deception > Decoy & Lure Status in the Deception Status view, the Attack Test selection is disabled.
- Decoy VMs are limited to one deploy Interface. For information about IP address range, see Deploy Decoy VMs with the Deployment Wizard.
To enable DMZ mode in the CLI:
dmz-mode -e
To disable DMZ mode in the CLI:
dmz-mode -d
Enabling or disabling the DMZ mode removes all previous configurations including Decoy VMs, lures, and tokens. Deception OS is not removed. |