Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Administration Guide

Deception philosophy

Deception philosophy is a straightforward concept. You deploy deception across the whole network infrastructure and location which generates a fake virtual network layer that masks the real assets with a fake one.

The networks today are fluid and dynamic, so we need to be sure that every network segment and location has this deception layer and capability.

For example:

  • IT Endpoint segment — Requires deployment of lures and decoys.
  • IT Servers segment — Requires deployment of lures and decoys.
  • Network Devices — Requires deployment of decoys.
  • IoT Devices — Requires deployment of decoys.
  • OT Devices — Requires deployment of decoys.
  • Data Repository — Requires deployment of honey files and decoys.
  • Application segment — Requires deployment of lures and decoys.
  • Network Traffic — Require decoys that generates fake network traffic and lure that creates fake network connections and entries on the endpoint level.
  • Public/Private Cloud — Requires deployment of decoys.

Deception philosophy

Deception philosophy is a straightforward concept. You deploy deception across the whole network infrastructure and location which generates a fake virtual network layer that masks the real assets with a fake one.

The networks today are fluid and dynamic, so we need to be sure that every network segment and location has this deception layer and capability.

For example:

  • IT Endpoint segment — Requires deployment of lures and decoys.
  • IT Servers segment — Requires deployment of lures and decoys.
  • Network Devices — Requires deployment of decoys.
  • IoT Devices — Requires deployment of decoys.
  • OT Devices — Requires deployment of decoys.
  • Data Repository — Requires deployment of honey files and decoys.
  • Application segment — Requires deployment of lures and decoys.
  • Network Traffic — Require decoys that generates fake network traffic and lure that creates fake network connections and entries on the endpoint level.
  • Public/Private Cloud — Requires deployment of decoys.