Fortinet black logo

Administration Guide

Home FortiDeceptor 5.3.0 Administration Guide
5.3.0
5.3.0
5.2.0
5.1.0
5.0.0
4.3.0
4.2.0
4.1.1
4.1.0
4.0.2
4.0.1
4.0.0
3.3.3
3.3.2
3.3.1
3.3.0
3.2.2
3.2.1
3.2.0
3.1.1
3.1.0
3.0.2
3.0.1
3.0.0
2.1.0
2.0.0
1.1.0
1.0.1

Deployment Network

Deployment Network

Use the Deployment Network page to set up a monitoring interface into a VLAN or a subnet.

The Deployment Network page displays the following information:

Action

Click Edit to edit the VLAN or subnet entry. The Edit button is visible only after the entry is saved.

Click Delete to remove a VLAN or Subnet.

Appliance

The Appliance column is visible when the FortiDeceptor operates as a manager appliance in CM mode, and displays a list of all available appliances.

Status

Status of the IP address, such as if it is initialized.

Name

Name of the VLAN or subnet.

Interface

The port that connects to the VLAN or subnet.

VLAN ID

The VLAN's unique integer ID is displayed when Tagged Interface is selected in the VLAN/Subnet settings.

If Tagged Interface is not selected , the system will consider it an untagged VLAN/Subnet and will display Untagged.

Deploy Monitor IP/Mask

The monitor IP provides the dynamic content for the online token, collects the token installation information, and acts as the probing client for active asset discovery when auto-deployment is triggered.

Tag

The tag for the VLAN or subnet.

Gateway

The gateway IP address of the deployment network.

ARP Protection

Indicates ARP Protection is enabled (Yes) or disabled (No).

Setting up the deployment network

To add a VLAN or subnet to FortiDeceptor:
  1. Go to Deception > Deployment Network.
  2. Enable Auto VLAN Detection to automatically detect the VLANs on your network.

    Auto VLAN detection allows FortiDeceptor to detect the available VLANs on the deployment network interface and display them in the GUI. You can select and add the VLANs for the deployment of Decoys later.

  3. Select the Detection Interface and click OK. You can select multiple ports.
  4. Click Add New VLAN/Subnet to manually add a VLAN or a subnet. Configure the following settings:

    Name

    Name of the VLAN or subnet.

    Interface

    The port that connects to the VLAN or subnet.

    Tagged Interface

    Select to enable VLAN tag. Default is untagged.

    As of version 5.3.0, when configuring a tagged network on an interface, subsequent VLANs or subnets added to the same interface must also be tagged. Conversely, if the initial VLAN or subnet added is untagged, all subsequent ones on the same interface must be untagged as well.

    VLAN ID

    The VLAN ID must be an integer between 1 and 4096, and unique among the tagged VLANs on the same interface.

    Deploy Monitor

    The IP address to monitor.

    Note

    The deploy monitor IP/Mask should be an IP address (e.g. 192.168.1.2/24) and should not be a gateway address (e.g. 192.168.1.1/24) or a subnet (e.g. 192.168.1.0/24).

    You must use the following guidelines to set the monitor IP/mask:

    • Interface name must be unique among all network IP/masks.

    • VLAN ID must be unique among the tagged VLANs on the same interface.

    • The monitor IP/mask must not conflict with any existing deception IP addresses.

    • The monitor IP/mask is suggested to be unique among all the VLANs and subnets.

    Gateway

    The gateway IP address of the deployment network.

    ARP Protection

    Select to enable ARP poisoning detection. ARP Protection is disabled by default. Upgrading FortiDeceptor will disable this setting.

    Tag

    You can specify a tag for the VLAN or subnet.

    Ref

    The number of objects referring to this object.

    Note

    Each VLAN/Subnet with a network mask of /24 and higher is counted as one seat of the VLAN license.

    Each VLAN/Subnet with a network mask less than /24 is counted as two seats of the VLAN license.

  5. Click Save.
Previous
Next

Deployment Network

Use the Deployment Network page to set up a monitoring interface into a VLAN or a subnet.

The Deployment Network page displays the following information:

Action

Click Edit to edit the VLAN or subnet entry. The Edit button is visible only after the entry is saved.

Click Delete to remove a VLAN or Subnet.

Appliance

The Appliance column is visible when the FortiDeceptor operates as a manager appliance in CM mode, and displays a list of all available appliances.

Status

Status of the IP address, such as if it is initialized.

Name

Name of the VLAN or subnet.

Interface

The port that connects to the VLAN or subnet.

VLAN ID

The VLAN's unique integer ID is displayed when Tagged Interface is selected in the VLAN/Subnet settings.

If Tagged Interface is not selected , the system will consider it an untagged VLAN/Subnet and will display Untagged.

Deploy Monitor IP/Mask

The monitor IP provides the dynamic content for the online token, collects the token installation information, and acts as the probing client for active asset discovery when auto-deployment is triggered.

Tag

The tag for the VLAN or subnet.

Gateway

The gateway IP address of the deployment network.

ARP Protection

Indicates ARP Protection is enabled (Yes) or disabled (No).

Setting up the deployment network

To add a VLAN or subnet to FortiDeceptor:
  1. Go to Deception > Deployment Network.
  2. Enable Auto VLAN Detection to automatically detect the VLANs on your network.

    Auto VLAN detection allows FortiDeceptor to detect the available VLANs on the deployment network interface and display them in the GUI. You can select and add the VLANs for the deployment of Decoys later.

  3. Select the Detection Interface and click OK. You can select multiple ports.
  4. Click Add New VLAN/Subnet to manually add a VLAN or a subnet. Configure the following settings:

    Name

    Name of the VLAN or subnet.

    Interface

    The port that connects to the VLAN or subnet.

    Tagged Interface

    Select to enable VLAN tag. Default is untagged.

    As of version 5.3.0, when configuring a tagged network on an interface, subsequent VLANs or subnets added to the same interface must also be tagged. Conversely, if the initial VLAN or subnet added is untagged, all subsequent ones on the same interface must be untagged as well.

    VLAN ID

    The VLAN ID must be an integer between 1 and 4096, and unique among the tagged VLANs on the same interface.

    Deploy Monitor

    The IP address to monitor.

    Note

    The deploy monitor IP/Mask should be an IP address (e.g. 192.168.1.2/24) and should not be a gateway address (e.g. 192.168.1.1/24) or a subnet (e.g. 192.168.1.0/24).

    You must use the following guidelines to set the monitor IP/mask:

    • Interface name must be unique among all network IP/masks.

    • VLAN ID must be unique among the tagged VLANs on the same interface.

    • The monitor IP/mask must not conflict with any existing deception IP addresses.

    • The monitor IP/mask is suggested to be unique among all the VLANs and subnets.

    Gateway

    The gateway IP address of the deployment network.

    ARP Protection

    Select to enable ARP poisoning detection. ARP Protection is disabled by default. Upgrading FortiDeceptor will disable this setting.

    Tag

    You can specify a tag for the VLAN or subnet.

    Ref

    The number of objects referring to this object.

    Note

    Each VLAN/Subnet with a network mask of /24 and higher is counted as one seat of the VLAN license.

    Each VLAN/Subnet with a network mask less than /24 is counted as two seats of the VLAN license.

  5. Click Save.
Previous
Next