Fortinet black logo

Administration Guide

External resources

FortiManager allows external resources to be uploaded in order to support FortiManager hosted resources for threat feeds.

After external resources are uploaded to FortiManager, they can be used in threat feeds using the following format as the URI of the resource: fmg://<filename>.

For example, if you have uploaded a resource called exresource1.txt to FortiManager, the URI would be fmg://exresource1.txt.

For more information on threat feeds, see Threat Feeds.

To upload an external resource to FortiManager:
  1. Go to FortiGuard > External Resource.

  2. Click Import in the toolbar.

  3. Drag and drop a file into the selection window or browse to your file location.

  4. Click OK. Uploaded files are displayed in the External Resources table and can be edited directly in the FortiManager GUI.

To edit external resource file content:
  1. In the external resource file list, select a file and do one of the following:

    1. Click Edit in the toolbar.

    2. Right-click and select Edit from the context menu.

  2. The content of the file is displayed and can be edited directly in the Content pane.

  3. Click OK to save changes to the external resource.

To create a threat feed using a FortiManager hosted resource:
  1. Go to Policy & Objects > Security Fabric > Threat Feeds.

    Note

    If the Threat Feeds tab is not visible, it must first be enabled in Tools > Feature Visibility. You can also create Threat Feeds in Fabric View > External Connectors.

  2. Create a new threat feed.

  3. Select the threat feed type. For example, if the uploaded file is a list of IP addresses, you must select Type > IP Address.

  4. In the URI of External Resource field, define the file using the following format: fmg://filename.

  5. Once the threat feed is created, you can use it in a policy and install it to a device. In the example below, the threat feed is used in a DNS Filter in Policy & Objects > Security Profiles > DNS Filter. The DNS Filter is applied to a policy and installed to the managed FortiGate.

  6. Details about the threat feed can be viewed on FortiGate.

    1. On FortiGate, go to Security Fabric > External Connectors. The content can be refreshed automatically or manually on this page.

    2. Click View Entries to see the content from the external resource.

FortiManager allows external resources to be uploaded in order to support FortiManager hosted resources for threat feeds.

After external resources are uploaded to FortiManager, they can be used in threat feeds using the following format as the URI of the resource: fmg://<filename>.

For example, if you have uploaded a resource called exresource1.txt to FortiManager, the URI would be fmg://exresource1.txt.

For more information on threat feeds, see Threat Feeds.

To upload an external resource to FortiManager:
  1. Go to FortiGuard > External Resource.

  2. Click Import in the toolbar.

  3. Drag and drop a file into the selection window or browse to your file location.

  4. Click OK. Uploaded files are displayed in the External Resources table and can be edited directly in the FortiManager GUI.

To edit external resource file content:
  1. In the external resource file list, select a file and do one of the following:

    1. Click Edit in the toolbar.

    2. Right-click and select Edit from the context menu.

  2. The content of the file is displayed and can be edited directly in the Content pane.

  3. Click OK to save changes to the external resource.

To create a threat feed using a FortiManager hosted resource:
  1. Go to Policy & Objects > Security Fabric > Threat Feeds.

    Note

    If the Threat Feeds tab is not visible, it must first be enabled in Tools > Feature Visibility. You can also create Threat Feeds in Fabric View > External Connectors.

  2. Create a new threat feed.

  3. Select the threat feed type. For example, if the uploaded file is a list of IP addresses, you must select Type > IP Address.

  4. In the URI of External Resource field, define the file using the following format: fmg://filename.

  5. Once the threat feed is created, you can use it in a policy and install it to a device. In the example below, the threat feed is used in a DNS Filter in Policy & Objects > Security Profiles > DNS Filter. The DNS Filter is applied to a policy and installed to the managed FortiGate.

  6. Details about the threat feed can be viewed on FortiGate.

    1. On FortiGate, go to Security Fabric > External Connectors. The content can be refreshed automatically or manually on this page.

    2. Click View Entries to see the content from the external resource.