Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiDeceptor 5.2.0 Administration Guide
    5.2.0
    6.0.1
    6.0.0
    5.3.2
    5.3.1
    5.3.0
    5.2.0
    5.1.0
    5.0.0
    4.3.0
    4.2.0
    4.1.1
    4.1.0
    4.0.2
    4.0.1
    4.0.0
    3.3.3
    3.3.2
    3.3.1
    3.3.0
    3.2.2
    3.2.1
    3.2.0
    3.1.1
    3.1.0
    3.0.2
    3.0.1
    3.0.0
    2.1.0
    2.0.0
    1.1.0
    1.0.1

    Integration with PAN devices

    Integration with PAN devices

    To integrate FortiDeceptor with PAN devices:
    1. Configure PAN.
    2. Configure the PAN device on FortiDeceptor.
    3. Check the PAN status on FortiDeceptor.
    4. Verify the policy has been added on PAN.
    5. Attack a decoy and check the quarantine status in FortiDeceptor.

    1. Configure PAN

    Create an administrator on the PAN device. For information, see the PAN-OS Administrator’s Guide.

    2. Configure the PAN device on FortiDeceptor

    1. In FortiDeceptor, go to Fabric > Quarantine Integration and click + Quarantine Integration with new device.
    2. Configure the integration settings and click Save.

      Enabled

      Enable

      Name

      Enter a name for the integration.

      Integration MethodSelect PAN-XMLAPI.
      Device IPEnter the IP for the PAN device.

      Port

      Enter the port number for the PAN device.

      Username Enter the username for the PAN device.
      PasswordEnter the password the PAN device.

      Vsys

      The virtual system (Vsys) which is configured on the PAN device.

      Policy Index

      Select Top or Bottom.

      Expiry

      Default blocking time in seconds. Default is 3600 seconds.

    3. Check the PAN status on FortiDeceptor

    In FortiDeceptor, click Quarantine Integration and verify the PAN device status is Ready.

    4. Verify the policy has been added on PAN

    For more information about PAN polices, see the PAN-OS Administrator’s Guide.

    5. Attack a decoy and check the quarantine status in FortiDeceptor

    To check quarantine status in FortiDeceptor:
    1. Go to Fabric > Quarantine Status.
    2. Search for the PAN device in the Integrated Device column.

    Previous
    Next

    Integration with PAN devices

    Integration with PAN devices

    To integrate FortiDeceptor with PAN devices:
    1. Configure PAN.
    2. Configure the PAN device on FortiDeceptor.
    3. Check the PAN status on FortiDeceptor.
    4. Verify the policy has been added on PAN.
    5. Attack a decoy and check the quarantine status in FortiDeceptor.

    1. Configure PAN

    Create an administrator on the PAN device. For information, see the PAN-OS Administrator’s Guide.

    2. Configure the PAN device on FortiDeceptor

    1. In FortiDeceptor, go to Fabric > Quarantine Integration and click + Quarantine Integration with new device.
    2. Configure the integration settings and click Save.

      Enabled

      Enable

      Name

      Enter a name for the integration.

      Integration MethodSelect PAN-XMLAPI.
      Device IPEnter the IP for the PAN device.

      Port

      Enter the port number for the PAN device.

      Username Enter the username for the PAN device.
      PasswordEnter the password the PAN device.

      Vsys

      The virtual system (Vsys) which is configured on the PAN device.

      Policy Index

      Select Top or Bottom.

      Expiry

      Default blocking time in seconds. Default is 3600 seconds.

    3. Check the PAN status on FortiDeceptor

    In FortiDeceptor, click Quarantine Integration and verify the PAN device status is Ready.

    4. Verify the policy has been added on PAN

    For more information about PAN polices, see the PAN-OS Administrator’s Guide.

    5. Attack a decoy and check the quarantine status in FortiDeceptor

    To check quarantine status in FortiDeceptor:
    1. Go to Fabric > Quarantine Status.
    2. Search for the PAN device in the Integrated Device column.

    Previous
    Next