Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiDeceptor 5.1.0 Administration Guide
    5.1.0
    6.0.1
    6.0.0
    5.3.2
    5.3.1
    5.3.0
    5.2.0
    5.1.0
    5.0.0
    4.3.0
    4.2.0
    4.1.1
    4.1.0
    4.0.2
    4.0.1
    4.0.0
    3.3.3
    3.3.2
    3.3.1
    3.3.0
    3.2.2
    3.2.1
    3.2.0
    3.1.1
    3.1.0
    3.0.2
    3.0.1
    3.0.0
    2.1.0
    2.0.0
    1.1.0
    1.0.1

    Available Deception OSes, Decoys and Selected Services

    Available Deception OSes, Decoys and Selected Services

    The following table shows the Available Deception OSes and their corresponding Available Deception Decoys and Selected Services in the Deployment Wizard.

    The Available Deception Decoys are only available for SCADAV3/IoT, Ubuntu16v2, Ubuntu18v1, VoIPv1 and Medicalv1 deception OSes. The decoy you select determines the available Selected Services.

    dd ‘C-More HMI’

    as Available Deception Decoys, the Selected Services are ‘SNMP, HTTP, FTP, HTTPS’;

    add ‘Modicon M241’

    as Available Deception Decoys, the Selected Services are ‘TFTP, SNMP, MODBUS, ENIP, HTTP’;

    add ‘Modicon M580’

    as Available Deception Decoys, the Selected Services are ‘TFTP, SNMP, MODBUS, ENIP, HTTP’;

    add ‘Emerson iPro by Dixell’

    as Available Deception Decoys, the Selected Services are ‘SNMP, MODBUS, HTTP’.
    Available Deception OSes Available Deception Decoys Selected Services
    centosv1 SSH, SAMBA, HTTP, HTTPS, GIT, TCPListener. ICMP, FTP
    fgt601v1 SSLVPN
    crmv1 ERP-WEB
    scadav3

    		 Liebert Spruce UPS TFTP, SNMP, HTTP
    Schneider Power Meter - PM5560 SNMP, BACNET, HTTP, DNP3, ENIP
    MOXA NPORT 5110 SNMP, Telnet, HTTP, MOXA
    Rockwell 1769-L35E Ethernet Port SNMP, ENIP, HTTP
    GE PLC 90 SNMP, HTTP, SRTP
    Kamstrup 382 KAMSTRUP
    Siemens S7-200 PLC HTTP, TFTP, SNMP, MODBUS, S7COMM
    VAV-DD BACnet controller SNMP, BACNET

    Niagra4 Station

    SNMP, HTTP, BACNET

    Schneider EcoStruxure BMS server

    SNMP, HTTP, TRICONEX, BACNET

    Rockwell PLC

    HTTP, TFTP, SNMP, ENIP

    NiagaraAX Station

    SNMP, HTTP, BACNET

    Rockwell 1769-L16ER/B LOGIX5316ER

    SNMP, ENIP, HTTP

    Guardian-AST

    Guardian-AST

    Schneider SCADAPack 333E

    SNMP, DNP3, Telnet

    Siemens S7-300 PLC

    TFTP, SNMP, IEC104

    IPMI Device

    HTTP, FTP, SNMP, IPMI

    Siemens S7-1500 PLC

    HTTP, TFTP, SNMP, IEC104, PROFINET

    Phoenix contact AXC 1050

    HTTP, SNMP, PROFINET, FTP

    PowerLogic ION7650

    SNMP, MODBUS, DNP3, HTTP

    Ascent Compass MNG

    HTTP, FTP, SNMP, IPMI, BACNET

    C-More HMI

    SNMP, HTTP, FTP, HTTPS

    Modicon M241

    TFTP, SNMP, MODBUS, ENIP, HTTP

    Modicon M580

    TFTP, SNMP, MODBUS, ENIP, HTTP

    Emerson iPro by Dixell

    SNMP, MODBUS, HTTP

    ubuntu16v2

    		 Elastic Search Elastic Search
    Linux Decoy SSH, SAMBA, TCPListener, HTTP, HTTPS, GIT, ICMP, FTP
    ESXI Decoy SSH, HTTP, HTTPS

    Mac Decoy

    SSH, vnc

    Ubuntu16v1

    SSH, SAMBA, TCPListner, HTTP, HTTPS, GIT

    Ubuntu18v1

    Tomcat

    HTTP, HTTPS

    MariaDB

    MariaDB

    ESXI

    SSH, HTTP, HTTPS

    Elastic Search

    Elastic Search

    Linux

    SSH, SAMBA, HTTP, HTTPS, GIT, TCPListener, ICMP, FTP

    ScadaBR

    ScadaBR
    win7x64v1 RDP, SMB, TCPListener, NBNSSpoofSpotter, HTTP/HTTPS, MSSQL, ICMP, FTP

    Custom Windows 2016/2019

    RDP, SMB, TCPListener, NBNSSpoofSpotter, ICMP, FTP, SWIFT Lite2

    Custom Redhat Linux

    HTTP, HTTPS, GIT, SAMBA, SSH, SMTP, TCPListener, FTP, RADIUS
    win10v1 RDP, SMB, TCPListener, NBNSSpoofSpotter, SWIFT Lite2

    *outbreakv1

    Spring4Shell

    Spring4Shell

    Note

    Spring4Shell services need time to download. There may be a delay displaying these services in the Deception OS and Deployment Wizard pages after the outbreakv1 OS is installed.

    Log4j2

    Log4j2

    Note

    Log4j2 services need time to download. There may be a delay displaying these services in the Deception OS and Deployment Wizard pages after the outbreakv1 OS is installed.

    posv1

    POS-WEB

    iotv1

    		 Lexmark Printer Decoy SNMP, Jetdirect, Printer-WEB
    HP Printer Decoy SNMP, Jetdirect, Printer-WEB
    Cisco Router Decoy Telnet, HTTP, SNMP, CDP
    Brother MFC Printer SNMP, Jetdirect, Printer-WEB
    TP-LINK Router Decoy TP-LInk WEB, CWMP

    IP Camera Decoy

    IP Camera-WEB, UPnP, SNMP, RTSP

    SWIFT VPN Gateway

    Telnet, HTTPS

    medicalv1

    		 PACS Decoy Infusion Pump (Telnet), Infusion Pump (FTP)
    SPACECOM Decoy HTTP, HTTPS, FTP, CAN bus Protocol, SSH
    INFUSOMAT Decoy HTTP, HTTPS, FTP, CAN bus Protocol, B.BRAUN

    sapv1

    SAP ROUTER, SAP DISPATCHER, SAP WEB

    voipv

    MQTT WEB, CoAP, SIP, XMPP WEB

    *Outbreakv1: When a cybersecurity incident/attack/event occurs that has large ramifications for the cybersecurity industry and affects numerous organizations, FortiGuard Outbreak Alerts will be the mechanism for communicating important information to Fortinet's customers and partners. These Outbreak Alerts will help you understand what happened, the technical details of the attack and how organizations can protect themselves from it and others like it. The FortiDeceptor Deception VM called Outbreakv1 provides the outbreak vulnerabilities that the FortiGuard Outbreak Alerts cover. For example, you can deploy a network decoy based on FortiGuard Outbreak Alerts such as Spring4Shell and Log4j2.

    Previous
    Next

    Available Deception OSes, Decoys and Selected Services

    Available Deception OSes, Decoys and Selected Services

    The following table shows the Available Deception OSes and their corresponding Available Deception Decoys and Selected Services in the Deployment Wizard.

    The Available Deception Decoys are only available for SCADAV3/IoT, Ubuntu16v2, Ubuntu18v1, VoIPv1 and Medicalv1 deception OSes. The decoy you select determines the available Selected Services.

    dd ‘C-More HMI’

    as Available Deception Decoys, the Selected Services are ‘SNMP, HTTP, FTP, HTTPS’;

    add ‘Modicon M241’

    as Available Deception Decoys, the Selected Services are ‘TFTP, SNMP, MODBUS, ENIP, HTTP’;

    add ‘Modicon M580’

    as Available Deception Decoys, the Selected Services are ‘TFTP, SNMP, MODBUS, ENIP, HTTP’;

    add ‘Emerson iPro by Dixell’

    as Available Deception Decoys, the Selected Services are ‘SNMP, MODBUS, HTTP’.
    Available Deception OSes Available Deception Decoys Selected Services
    centosv1 SSH, SAMBA, HTTP, HTTPS, GIT, TCPListener. ICMP, FTP
    fgt601v1 SSLVPN
    crmv1 ERP-WEB
    scadav3

    		 Liebert Spruce UPS TFTP, SNMP, HTTP
    Schneider Power Meter - PM5560 SNMP, BACNET, HTTP, DNP3, ENIP
    MOXA NPORT 5110 SNMP, Telnet, HTTP, MOXA
    Rockwell 1769-L35E Ethernet Port SNMP, ENIP, HTTP
    GE PLC 90 SNMP, HTTP, SRTP
    Kamstrup 382 KAMSTRUP
    Siemens S7-200 PLC HTTP, TFTP, SNMP, MODBUS, S7COMM
    VAV-DD BACnet controller SNMP, BACNET

    Niagra4 Station

    SNMP, HTTP, BACNET

    Schneider EcoStruxure BMS server

    SNMP, HTTP, TRICONEX, BACNET

    Rockwell PLC

    HTTP, TFTP, SNMP, ENIP

    NiagaraAX Station

    SNMP, HTTP, BACNET

    Rockwell 1769-L16ER/B LOGIX5316ER

    SNMP, ENIP, HTTP

    Guardian-AST

    Guardian-AST

    Schneider SCADAPack 333E

    SNMP, DNP3, Telnet

    Siemens S7-300 PLC

    TFTP, SNMP, IEC104

    IPMI Device

    HTTP, FTP, SNMP, IPMI

    Siemens S7-1500 PLC

    HTTP, TFTP, SNMP, IEC104, PROFINET

    Phoenix contact AXC 1050

    HTTP, SNMP, PROFINET, FTP

    PowerLogic ION7650

    SNMP, MODBUS, DNP3, HTTP

    Ascent Compass MNG

    HTTP, FTP, SNMP, IPMI, BACNET

    C-More HMI

    SNMP, HTTP, FTP, HTTPS

    Modicon M241

    TFTP, SNMP, MODBUS, ENIP, HTTP

    Modicon M580

    TFTP, SNMP, MODBUS, ENIP, HTTP

    Emerson iPro by Dixell

    SNMP, MODBUS, HTTP

    ubuntu16v2

    		 Elastic Search Elastic Search
    Linux Decoy SSH, SAMBA, TCPListener, HTTP, HTTPS, GIT, ICMP, FTP
    ESXI Decoy SSH, HTTP, HTTPS

    Mac Decoy

    SSH, vnc

    Ubuntu16v1

    SSH, SAMBA, TCPListner, HTTP, HTTPS, GIT

    Ubuntu18v1

    Tomcat

    HTTP, HTTPS

    MariaDB

    MariaDB

    ESXI

    SSH, HTTP, HTTPS

    Elastic Search

    Elastic Search

    Linux

    SSH, SAMBA, HTTP, HTTPS, GIT, TCPListener, ICMP, FTP

    ScadaBR

    ScadaBR
    win7x64v1 RDP, SMB, TCPListener, NBNSSpoofSpotter, HTTP/HTTPS, MSSQL, ICMP, FTP

    Custom Windows 2016/2019

    RDP, SMB, TCPListener, NBNSSpoofSpotter, ICMP, FTP, SWIFT Lite2

    Custom Redhat Linux

    HTTP, HTTPS, GIT, SAMBA, SSH, SMTP, TCPListener, FTP, RADIUS
    win10v1 RDP, SMB, TCPListener, NBNSSpoofSpotter, SWIFT Lite2

    *outbreakv1

    Spring4Shell

    Spring4Shell

    Note

    Spring4Shell services need time to download. There may be a delay displaying these services in the Deception OS and Deployment Wizard pages after the outbreakv1 OS is installed.

    Log4j2

    Log4j2

    Note

    Log4j2 services need time to download. There may be a delay displaying these services in the Deception OS and Deployment Wizard pages after the outbreakv1 OS is installed.

    posv1

    POS-WEB

    iotv1

    		 Lexmark Printer Decoy SNMP, Jetdirect, Printer-WEB
    HP Printer Decoy SNMP, Jetdirect, Printer-WEB
    Cisco Router Decoy Telnet, HTTP, SNMP, CDP
    Brother MFC Printer SNMP, Jetdirect, Printer-WEB
    TP-LINK Router Decoy TP-LInk WEB, CWMP

    IP Camera Decoy

    IP Camera-WEB, UPnP, SNMP, RTSP

    SWIFT VPN Gateway

    Telnet, HTTPS

    medicalv1

    		 PACS Decoy Infusion Pump (Telnet), Infusion Pump (FTP)
    SPACECOM Decoy HTTP, HTTPS, FTP, CAN bus Protocol, SSH
    INFUSOMAT Decoy HTTP, HTTPS, FTP, CAN bus Protocol, B.BRAUN

    sapv1

    SAP ROUTER, SAP DISPATCHER, SAP WEB

    voipv

    MQTT WEB, CoAP, SIP, XMPP WEB

    *Outbreakv1: When a cybersecurity incident/attack/event occurs that has large ramifications for the cybersecurity industry and affects numerous organizations, FortiGuard Outbreak Alerts will be the mechanism for communicating important information to Fortinet's customers and partners. These Outbreak Alerts will help you understand what happened, the technical details of the attack and how organizations can protect themselves from it and others like it. The FortiDeceptor Deception VM called Outbreakv1 provides the outbreak vulnerabilities that the FortiGuard Outbreak Alerts cover. For example, you can deploy a network decoy based on FortiGuard Outbreak Alerts such as Spring4Shell and Log4j2.

    Previous
    Next