Integrations
Integrations enable you to configure connectors to external systems, which enables you to trigger predefined types of actions. FortiEDR provides various connectors out-of-the-box, such as Firewalls and NAC systems. The out-of-the-box FortiEDR connectors utilize Fortinet products’ APIs to automatically perform the required actions in order to extend its automatic Playbook actions.
Admin and IT users with custom script permission can also define customized connectors to any third-party system in order to trigger any action on that system using an API. For more information about user roles and permissions, see Users.
You can set up an unlimited number of connectors for each type and use them by associating Playbook policies or Security policies to the actions defined for these integration connectors, as described below.
The Integration menu is only available when the environment is connected to Fortinet Cloud Services (FCS). |
To display the INTEGRATIONS page:
- Select ADMINISTRATION > INTEGRATIONS.
The top left of this page provides two buttons, as shown below:
- Adding connectors enables you to add and configure connectors for integration with FortiEDR.
- Action Manager enables you to upload and manage (add, modify and delete) actions (Python scripts that call third-party system APIs) to be automatically triggered by FortiEDR as incident responses.
Python 2.7 or later is supported.
The Action Manager button is only available to users with Admin or IT permissions and have the Custom script option enabled. For more information about user roles and permissions, see Users.