Deployment Network
Use the Deployment Network page to set up a monitoring interface into a VLAN or a subnet.
The Deployment Network page displays the following information:
Action |
Click Edit to edit the VLAN or subnet entry. The Edit button is visible only after the entry is saved. Click Delete to remove a VLAN or Subnet. |
Appliance |
The Appliance column is visible when the FortiDeceptor operates as a manager appliance in CM mode, and displays a list of all available appliances. |
Status |
Status of the IP address, such as if it is initialized. |
Name |
Name of the VLAN or subnet. |
Interface |
The port that connects to the VLAN or subnet. |
VLAN ID |
The VLAN's unique integer ID is displayed when Tagged Interface is selected in the VLAN/Subnet settings. If Tagged Interface is not selected , the system will consider it an untagged VLAN/Subnet and will display Untagged. |
Deploy Monitor IP/Mask |
The monitor IP provides the dynamic content for the online token, collects the token installation information, and acts as the probing client for active asset discovery when auto-deployment is triggered. |
Tag |
The tag for the VLAN or subnet. |
Gateway |
The gateway IP address of the deployment network. |
ARP Protection |
Indicates ARP Protection is enabled (Yes) or disabled (No). |
Setting up the deployment network
To add a VLAN or subnet to FortiDeceptor:
- Go to Deception > Deployment Network.
- Enable Auto VLAN Detection to automatically detect the VLANs on your network.
Auto VLAN detection allows FortiDeceptor to detect the available VLANs on the deployment network interface and display them in the GUI. You can select and add the VLANs for the deployment of Decoys later.
- Select the Detection Interface and click OK. You can select multiple ports.
- Click Add New VLAN/Subnet to manually add a VLAN or a subnet. Configure the following settings:
Name
Name of the VLAN or subnet.
Interface
The port that connects to the VLAN or subnet.
Tagged Interface
Select to enable VLAN tag. Default is untagged.
As of version 5.3.0, when configuring a tagged network on an interface, subsequent VLANs or subnets added to the same interface must also be tagged. Conversely, if the initial VLAN or subnet added is untagged, all subsequent ones on the same interface must be untagged as well.
VLAN ID
The VLAN ID must be an integer between 1 and 4096, and unique among the tagged VLANs on the same interface.
Deploy Monitor
The IP address to monitor.
The deploy monitor IP/Mask should be an IP address (e.g. 192.168.1.2/24) and should not be a gateway address (e.g. 192.168.1.1/24) or a subnet (e.g. 192.168.1.0/24).
You must use the following guidelines to set the monitor IP/mask:
- Interface name must be unique among all network IP/masks.
VLAN ID must be unique among the tagged VLANs on the same interface.
The monitor IP/mask must not conflict with any existing deception IP addresses.
The monitor IP/mask is suggested to be unique among all the VLANs and subnets.
Gateway
The gateway IP address of the deployment network.
ARP Protection
Select to enable ARP poisoning detection. ARP Protection is disabled by default. Upgrading FortiDeceptor will disable this setting.
Tag
You can specify a tag for the VLAN or subnet.
Ref
The number of objects referring to this object.
Each VLAN/Subnet with a network mask of /24 and higher is counted as one seat of the VLAN license.
Each VLAN/Subnet with a network mask less than /24 is counted as two seats of the VLAN license.
- Click Save.