Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Administration Guide

Deployment Network

Use the Deployment Network page to set up a monitoring interface into a VLAN or a subnet.

The Deployment Network page displays the following information:

Action

Click Edit to edit the VLAN or subnet entry. The Edit button is visible only after the entry is saved.

Click Delete to remove a VLAN or Subnet.

Status

Status of the IP address, such as if it is initialized.

Name

Name of the VLAN or subnet.

Interface

The port that connects to the VLAN or subnet.

VLAN ID

The VLAN's unique integer ID.

Deploy Monitor IP/Mask

The IP address to monitor.

Tag

The tag for the VLAN or subnet.

Gateway

The gateway IP address of the deployment network.

ARP Protection

Indicates ARP Protection is enabled (Yes) or disabled (No).

Setting up the deployment network

To add a VLAN or subnet to FortiDeceptor:
  1. Go to Deception > Deployment Network.
  2. Enable Auto VLAN Detection to automatically detect the VLANs on your network.

    Auto VLAN detection allows FortiDeceptor to detect the available VLANs on the deployment network interface and display them in the GUI. You can select and add the VLANs for the deployment of Decoys later.

  3. Select the Detection Interface and click OK. You can select multiple ports.
  4. Click Add New VLAN/Subnet to manually add a VLAN or a subnet. Configure the following settings:

    Name

    Name of the VLAN or subnet.

    Interface

    The port that connects to the VLAN or subnet.

    VLAN ID

    The VLAN's unique integer ID.

    Deploy Monitor

    The IP address to monitor.

    Note

    The deploy monitor IP/Mask must be an IP address and not a subnet.

    You must use the following guidelines to set the network IP/mask:

    • Interface name and VLAN ID must be unique among all network IP/masks.
    • If VLAN ID is 0, the network IP/mask must be unique among all the network IP/masks without VLAN and all system interfaces.
    • If VLAN is not 0, the network IP/mask must be unique among all subnets in the same VLAN.

    Gateway

    The gateway IP address of the deployment network.

    ARP Protection

    Select to enable ARP poisoning detection. ARP Protection is disabled by default. Upgrading FortiDeceptor will disable this setting.

    Tag

    You can specify a tag for the VLAN or subnet.

    Ref

    The number of objects referring to this object.

    Note

    Each VLAN/Subnet with a network mask of /24 and higher is counted as one seat of the VLAN license.

    Each VLAN/Subnet with a network mask less than /24 is counted as two seats of the VLAN license.

  5. Click Save.

Deployment Network

Use the Deployment Network page to set up a monitoring interface into a VLAN or a subnet.

The Deployment Network page displays the following information:

Action

Click Edit to edit the VLAN or subnet entry. The Edit button is visible only after the entry is saved.

Click Delete to remove a VLAN or Subnet.

Status

Status of the IP address, such as if it is initialized.

Name

Name of the VLAN or subnet.

Interface

The port that connects to the VLAN or subnet.

VLAN ID

The VLAN's unique integer ID.

Deploy Monitor IP/Mask

The IP address to monitor.

Tag

The tag for the VLAN or subnet.

Gateway

The gateway IP address of the deployment network.

ARP Protection

Indicates ARP Protection is enabled (Yes) or disabled (No).

Setting up the deployment network

To add a VLAN or subnet to FortiDeceptor:
  1. Go to Deception > Deployment Network.
  2. Enable Auto VLAN Detection to automatically detect the VLANs on your network.

    Auto VLAN detection allows FortiDeceptor to detect the available VLANs on the deployment network interface and display them in the GUI. You can select and add the VLANs for the deployment of Decoys later.

  3. Select the Detection Interface and click OK. You can select multiple ports.
  4. Click Add New VLAN/Subnet to manually add a VLAN or a subnet. Configure the following settings:

    Name

    Name of the VLAN or subnet.

    Interface

    The port that connects to the VLAN or subnet.

    VLAN ID

    The VLAN's unique integer ID.

    Deploy Monitor

    The IP address to monitor.

    Note

    The deploy monitor IP/Mask must be an IP address and not a subnet.

    You must use the following guidelines to set the network IP/mask:

    • Interface name and VLAN ID must be unique among all network IP/masks.
    • If VLAN ID is 0, the network IP/mask must be unique among all the network IP/masks without VLAN and all system interfaces.
    • If VLAN is not 0, the network IP/mask must be unique among all subnets in the same VLAN.

    Gateway

    The gateway IP address of the deployment network.

    ARP Protection

    Select to enable ARP poisoning detection. ARP Protection is disabled by default. Upgrading FortiDeceptor will disable this setting.

    Tag

    You can specify a tag for the VLAN or subnet.

    Ref

    The number of objects referring to this object.

    Note

    Each VLAN/Subnet with a network mask of /24 and higher is counted as one seat of the VLAN license.

    Each VLAN/Subnet with a network mask less than /24 is counted as two seats of the VLAN license.

  5. Click Save.