Fortinet black logo

Administration Guide

Deception philosophy

Copy Link
Copy Doc ID 63cab9f6-5858-11ec-bdf2-fa163e15d75b:133704
Download PDF

Deception philosophy

Deception philosophy is a straightforward concept. You deploy deception across the whole network infrastructure and location which generates a fake virtual network layer that masks the real assets with a fake one.

The networks today are fluid and dynamic, so we need to be sure that every network segment and location has this deception layer and capability.

For example:

  • IT Endpoint segment — Requires deployment of lures and decoys.
  • IT Servers segment — Requires deployment of lures and decoys.
  • Network Devices — Requires deployment of decoys.
  • IoT Devices — Requires deployment of decoys.
  • OT Devices — Requires deployment of decoys.
  • Data Repository — Requires deployment of honey files and decoys.
  • Application segment — Requires deployment of lures and decoys.
  • Network Traffic — Require decoys that generates fake network traffic and lure that creates fake network connections and entries on the endpoint level.
  • Public/Private Cloud — Requires deployment of decoys.

Deception philosophy

Deception philosophy is a straightforward concept. You deploy deception across the whole network infrastructure and location which generates a fake virtual network layer that masks the real assets with a fake one.

The networks today are fluid and dynamic, so we need to be sure that every network segment and location has this deception layer and capability.

For example:

  • IT Endpoint segment — Requires deployment of lures and decoys.
  • IT Servers segment — Requires deployment of lures and decoys.
  • Network Devices — Requires deployment of decoys.
  • IoT Devices — Requires deployment of decoys.
  • OT Devices — Requires deployment of decoys.
  • Data Repository — Requires deployment of honey files and decoys.
  • Application segment — Requires deployment of lures and decoys.
  • Network Traffic — Require decoys that generates fake network traffic and lure that creates fake network connections and entries on the endpoint level.
  • Public/Private Cloud — Requires deployment of decoys.