Fortinet black logo

Administration Guide

Home FortiDeceptor 4.3.0 Administration Guide

Integration with PAN devices

4.3.0
5.3.0
5.2.0
5.1.0
5.0.0
4.3.0
4.2.0
4.1.1
4.1.0
4.0.2
4.0.1
4.0.0
3.3.3
3.3.2
3.3.1
3.3.0
3.2.2
3.2.1
3.2.0
3.1.1
3.1.0
3.0.2
3.0.1
3.0.0
2.1.0
2.0.0
1.1.0
1.0.1
Copy Link
Copy Doc ID 94250e1c-2251-11ed-9eba-fa163e15d75b:217798
Download PDF

Integration with PAN devices

To integrate FortiDeceptor with PAN devices:
  1. Configure PAN.
  2. Configure the PAN device on FortiDeceptor.
  3. Check the PAN status on FortiDeceptor.
  4. Verify the policy has been added on PAN.
  5. Attack a decoy and check the quarantine status in FortiDeceptor.

1. Configure PAN

Create an administrator on the PAN device. For information, see the PAN-OS Administrator’s Guide.

2. Configure the PAN device on FortiDeceptor

  1. In FortiDeceptor, go to Fabric > Quarantine Integration and click + Quarantine Integration with new device.
  2. Configure the integration settings and click Save.

    Enabled

    Enable

    Name

    Enter a name for the integration.

    Integration MethodSelect PAN-XMLAPI.
    Device IPEnter the IP for the PAN device.

    Port

    Enter the port number for the PAN device.

    Username Enter the username for the PAN device.
    PasswordEnter the password the PAN device.

    Vsys

    The virtual system (Vsys) which is configured on the PAN device.

    Policy Index

    Select Top or Bottom.

    Expiry

    Default blocking time in seconds. Default is 3600 seconds.

3. Check the PAN status on FortiDeceptor

In FortiDeceptor, click Quarantine Integration and verify the PAN device status is Ready.

4. Verify the policy has been added on PAN

For more information about PAN polices, see the PAN-OS Administrator’s Guide.

5. Attack a decoy and check the quarantine status in FortiDeceptor

To check quarantine status in FortiDeceptor:
  1. Go to Fabric > Quarantine Status.
  2. Search for the PAN device in the Integrated Device column.

Previous
Next

Integration with PAN devices

To integrate FortiDeceptor with PAN devices:
  1. Configure PAN.
  2. Configure the PAN device on FortiDeceptor.
  3. Check the PAN status on FortiDeceptor.
  4. Verify the policy has been added on PAN.
  5. Attack a decoy and check the quarantine status in FortiDeceptor.

1. Configure PAN

Create an administrator on the PAN device. For information, see the PAN-OS Administrator’s Guide.

2. Configure the PAN device on FortiDeceptor

  1. In FortiDeceptor, go to Fabric > Quarantine Integration and click + Quarantine Integration with new device.
  2. Configure the integration settings and click Save.

    Enabled

    Enable

    Name

    Enter a name for the integration.

    Integration MethodSelect PAN-XMLAPI.
    Device IPEnter the IP for the PAN device.

    Port

    Enter the port number for the PAN device.

    Username Enter the username for the PAN device.
    PasswordEnter the password the PAN device.

    Vsys

    The virtual system (Vsys) which is configured on the PAN device.

    Policy Index

    Select Top or Bottom.

    Expiry

    Default blocking time in seconds. Default is 3600 seconds.

3. Check the PAN status on FortiDeceptor

In FortiDeceptor, click Quarantine Integration and verify the PAN device status is Ready.

4. Verify the policy has been added on PAN

For more information about PAN polices, see the PAN-OS Administrator’s Guide.

5. Attack a decoy and check the quarantine status in FortiDeceptor

To check quarantine status in FortiDeceptor:
  1. Go to Fabric > Quarantine Status.
  2. Search for the PAN device in the Integrated Device column.

Previous
Next