FortiDeceptor

FortiDeceptor can be added to the Security Fabric so it appears in the topology views and the dashboard widgets.

To add FortiDeceptor to the Security Fabric in the GUI:
  1. Enable the Security Fabric (see Configuring the root FortiGate and downstream FortiGates for more details) with the following settings:
    1. Configure the interface to allow other Security Fabric devices to join.
    2. Enable Allow downstream device REST API access so the FortiDeceptor can communicate with the FortiGate, and select an Administrator profile. The minimum permission required for the selected Administrator profile is Read/Write for User & Device (set authgrp read-write).
  2. In FortiDeceptor, integrate the device:
    1. Go to Fabric > Integration Devices.
    2. Click Quarantine Integration With New Device.
    3. Click the toggle to enable the device.
    4. For Upstream IP Address, enter the root FortiGate's management IP address.

    5. Click Apply.
  3. Authorize the FortiDeceptor in FortiOS:
    1. Go to Security Fabric > Fabric Connectors.
    2. In the topology tree, click the highlighted FortiDeceptor serial number and select Authorize.

      The authorized device appears in the topology tree. Hover over the device name to view the tooltip.

      The Security Fabric widget on the dashboard also updates when the FortiDeceptor is authorized.

  4. Go to Security Fabric > Physical Topology or Security Fabric > Logical Topology to view more information.

    Physical topology view: