What it Does
FortiDeceptor is based on deception technology that complements an organization’s existing breach protection strategy designed to deceive, expose, and eliminate attacks originating from either external or internal sources before any real damage occurs.
FortiNAC is the Fortinet network access control solution. It enhances the overall Fortinet Security Fabric with visibility, control, and automated response for everything that connects to the network. FortiNAC provides protection against IoT threats, extends control to third-party devices, and orchestrates automatic responses to a wide range of networking events.
FortiDeceptor from V.3.2 provides the capability to integrate with third-party security tools using the GEN WEBHOOK as part of the “integrated devices” feature for alert mitigation.
The integration between FortiDeceptor and FortiNAC allows us to automatically isolate any infected device from the network based on FortiDeceptor alert detection.
One of the compelling use cases for this integration is Ransomware mitigation using SMB Deception Token by luring the ransomware to encrypt fake files and raise alerts. Fortideceptor will use FortiNAC to isolated the infected endpoint from the network automatically and save the network damage.