Fortinet Document Library

Version:

Version:

Version:


Table of Contents

Related Videos

Fortinet Security Fabric 6.0.0 Series - Part 6: Automation

  • 1,066 views
  • 1 years ago

Cookbook

Download PDF
Copy Link

Creating the Automation stitches

  1. To create a new Automation that bans the IP address of a compromised host, go to Security Fabric > Automation and select Create New.

  2. Set FortiGate to All FortiGates.

  3. Set Trigger to Compromised Host. Set IOC level threshold to High.

  4. Set Action to IP Ban.

  5. Create a second Automation that sends an email alert when HA failover occurs.

  6. Set FortiGate to Edge-Primary, which is part of the only HA cluster in the Security Fabric.

  7. Set Trigger to HA Failover. Set Action to Email.

  8. Set the Email subject and email address.

Related Videos

Fortinet Security Fabric 6.0.0 Series - Part 6: Automation

  • 1,066 views
  • 1 years ago

Creating the Automation stitches

  1. To create a new Automation that bans the IP address of a compromised host, go to Security Fabric > Automation and select Create New.

  2. Set FortiGate to All FortiGates.

  3. Set Trigger to Compromised Host. Set IOC level threshold to High.

  4. Set Action to IP Ban.

  5. Create a second Automation that sends an email alert when HA failover occurs.

  6. Set FortiGate to Edge-Primary, which is part of the only HA cluster in the Security Fabric.

  7. Set Trigger to HA Failover. Set Action to Email.

  8. Set the Email subject and email address.