Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiNAC-F 7.2.0 Administration Guide
    7.2.0
    7.6.0
    7.4.0
    7.2.0

    Security rules

    Security rules

    Create and manage security rules based on triggers that correlate incoming events from network devices. When a security event is received, the highest ranked security rule with a trigger satisfied and a matching User/Host profile creates a security alarm. The rule may then take an action automatically.

    Settings

    An empty field in a column indicates that the option has not been set.

    Field

    Definition

    Rank

    Moves the selected rule up or down in the list. Incoming events are compared to rules in order by rank.

    Set Rank

    Allows you to type a different rank number for a selected rules and immediately move the rule to that position. In an environment with a large number of rules this process is faster than using the up and down buttons.

    Table columns

    Rank

    Rule's rank in the list of rules. Rank controls the order in which incoming events are compared to Security Rules.

    Name

    User defined name for the security rule.

    Enabled

    Indicates whether the rule has been enabled.

    Trigger

    The set of events that will activate the rule if the rule is enabled.

    Host Profile

    The host profile to which the security rule applies.

    The = sign indicates the host must match the user host profile. The ≠ indicates the host must not match the user host profile.

    An alarm is triggered when the security rule is satisfied.

    Action

    The action that will be associated or automatically taken when the security rule is activated.

    Rule Match Email Group

    If enabled in the security rule, the administrator group that will receive an email when the rule creates an alarm.

    Action Taken Email Group

    If enabled in the security rule, the administrator group that will receive an email when an action is taken on the created alarm.

    Last Modified By

    User name of the last user to modify the security rule.

    Last Modified Date

    Date and time of the last modification to this security rule.

    Right click options

    Delete

    Deletes the selected security rule.

    Modify

    Opens the Modify Security Rule window for the selected security rule.

    Show Audit Log

    Opens the admin auditing log showing all changes made to the selected item.

    For information about the admin auditing log, see Audit Logs.

    Note

    You must have permission to view the admin auditing log. See Add an administrator profile.

    Buttons

    Export

    Exports the data displayed to a file in the default downloads location. File types include CSV, Excel, PDF, or RTF. See Export data.
    Previous
    Next

    Security rules

    Security rules

    Create and manage security rules based on triggers that correlate incoming events from network devices. When a security event is received, the highest ranked security rule with a trigger satisfied and a matching User/Host profile creates a security alarm. The rule may then take an action automatically.

    Settings

    An empty field in a column indicates that the option has not been set.

    Field

    Definition

    Rank

    Moves the selected rule up or down in the list. Incoming events are compared to rules in order by rank.

    Set Rank

    Allows you to type a different rank number for a selected rules and immediately move the rule to that position. In an environment with a large number of rules this process is faster than using the up and down buttons.

    Table columns

    Rank

    Rule's rank in the list of rules. Rank controls the order in which incoming events are compared to Security Rules.

    Name

    User defined name for the security rule.

    Enabled

    Indicates whether the rule has been enabled.

    Trigger

    The set of events that will activate the rule if the rule is enabled.

    Host Profile

    The host profile to which the security rule applies.

    The = sign indicates the host must match the user host profile. The ≠ indicates the host must not match the user host profile.

    An alarm is triggered when the security rule is satisfied.

    Action

    The action that will be associated or automatically taken when the security rule is activated.

    Rule Match Email Group

    If enabled in the security rule, the administrator group that will receive an email when the rule creates an alarm.

    Action Taken Email Group

    If enabled in the security rule, the administrator group that will receive an email when an action is taken on the created alarm.

    Last Modified By

    User name of the last user to modify the security rule.

    Last Modified Date

    Date and time of the last modification to this security rule.

    Right click options

    Delete

    Deletes the selected security rule.

    Modify

    Opens the Modify Security Rule window for the selected security rule.

    Show Audit Log

    Opens the admin auditing log showing all changes made to the selected item.

    For information about the admin auditing log, see Audit Logs.

    Note

    You must have permission to view the admin auditing log. See Add an administrator profile.

    Buttons

    Export

    Exports the data displayed to a file in the default downloads location. File types include CSV, Excel, PDF, or RTF. See Export data.
    Previous
    Next