DMZ mode is useful when you want to deploy decoys to a segment of the network that hosts critical services. When a threat actor attacks a server and attempts to move laterally inside the DMZ segment they are detected by the decoys without exposing the decoys on the Internet.
The DMZ Mode in FortiDeceptor functions like regular mode with the following exceptions:
- When DMZ mode is enabled, the banner displays DMZ-MODE.
- In Deception > Deployment Network, Deception Monitor IP/Mask is hidden. See Deployment Network.
- In Deception > Decoy & Lure Status in the Deception Status view, the Attack Test selection is disabled.
- Decoy VMs are limited to one deploy Interface. For information about IP address range, see Deploy Decoy VMs with the Deployment Wizard.
Enabling or disabling the DMZ mode removes all previous configurations including Decoy VMs, lures, and tokens. Deception OS is not removed.