Wi-Fi templates
Templates for building policies based on user Wi-Fi network connections.
Connection made to unauthorized Wi-Fi network
Available under any of the following licenses: FortiDLP Enterprise, FortiDLP Managed
Detects when a user connects to a Wi-Fi network with an unauthorized SSID, BSSID or authentication protocol.
| Parameter | Type | Description |
|---|---|---|
| Policy parameters | ||
| SSIDs | Advanced asset list | A list of SSIDs for which connections are authorized or unauthorized. |
| BSSIDs | Advanced asset list | A list of BSSIDs for which connections are authorized or unauthorized. |
| Unauthorized authentication protocol | String list | A list of Wi-Fi authentication protocols that are unauthorized for your organization. WPA3 authentication protocols require Agent 11.5.1 |
No default MITRE ATT&CK indicators. Note: MITRE ATT&CK indicators require Agent 11.4.1+.
| Incident clustering rule | Default |
|---|---|
| Cluster by Wi-Fi SSID | Disabled |
| Cluster by Wi-Fi BSSID | Disabled |
| Cluster by policy | Disabled |
Supported actions: Display message, Lock, Isolate, Take screenshot, Reboot