Fortinet black logo

Administration Guide

Home FortiDeceptor 5.3.0 Administration Guide

Safe List

5.3.0
5.3.0
5.2.0
5.1.0
5.0.0
4.3.0
4.2.0
4.1.1
4.1.0
4.0.2
4.0.1
4.0.0
3.3.3
3.3.2
3.3.1
3.3.0
3.2.2
3.2.1
3.2.0
3.1.1
3.1.0
3.0.2
3.0.1
3.0.0
2.1.0
2.0.0
1.1.0
1.0.1
Copy Link
Copy Doc ID 250a63c1-9b8e-11ee-a142-fa163e15d75b:41785
Download PDF

Safe List

Use the Deception > Safe List page to add an IP address that is considered legitimate so that it does not generate an Event or Incident when accessing decoys. For example, the IP address of a monitoring system that is polling the network.

The Safe list page displays the following information:

Name

The safe list name.

IP/Mask

Specify the IP address or subnet from where the connection originate.

Source Ports

Specify the source ports from where the connection originates.

Destination Ports

Specify the destination ports on the network where the connection terminates.

Description

Specify a description. For example, you can name it as Safe_Network.

Services

Select the name of the services used to connect to the network.

Appliance

This column indicates the source of the safelist, either local (manager) or remote (remote appliance). It is only visible when the manager operates in Central Management mode.

Status

Select Enabled or Disabled.
To add a new Safe List IP address:
  1. Go to Deception > Safe List.
  2. Click Add New Safe List IP
  3. Coinfigure the safe list settings and click OK.

    Name

    Enter a description of the list. For example, Safe_Network.

    IP/Mask

    Enter the IP address or subnet from where the connection originates.

    Source Ports

    Enter the source ports from where the connection originates.

    Destination Ports

    Enter the destination ports on the network where the connection terminates.

    Services

    Select the name of the services used to connect to the network.

    Appliance

    Select an appliance from the list.

    Decoy

    Select the decoy name for you want to apply the safe list rule.

    Enable

    Select Enabled or Disabled.

Previous
Next

Safe List

Use the Deception > Safe List page to add an IP address that is considered legitimate so that it does not generate an Event or Incident when accessing decoys. For example, the IP address of a monitoring system that is polling the network.

The Safe list page displays the following information:

Name

The safe list name.

IP/Mask

Specify the IP address or subnet from where the connection originate.

Source Ports

Specify the source ports from where the connection originates.

Destination Ports

Specify the destination ports on the network where the connection terminates.

Description

Specify a description. For example, you can name it as Safe_Network.

Services

Select the name of the services used to connect to the network.

Appliance

This column indicates the source of the safelist, either local (manager) or remote (remote appliance). It is only visible when the manager operates in Central Management mode.

Status

Select Enabled or Disabled.
To add a new Safe List IP address:
  1. Go to Deception > Safe List.
  2. Click Add New Safe List IP
  3. Coinfigure the safe list settings and click OK.

    Name

    Enter a description of the list. For example, Safe_Network.

    IP/Mask

    Enter the IP address or subnet from where the connection originates.

    Source Ports

    Enter the source ports from where the connection originates.

    Destination Ports

    Enter the destination ports on the network where the connection terminates.

    Services

    Select the name of the services used to connect to the network.

    Appliance

    Select an appliance from the list.

    Decoy

    Select the decoy name for you want to apply the safe list rule.

    Enable

    Select Enabled or Disabled.

Previous
Next