Administration Guide

Security Fabric Connection

The Fortinet Security Fabric provides an intelligent architecture that interconnects discrete security solutions into an integrated whole to detect, monitor, block, and remediate attacks across the entire attack surface. It delivers broad protection and visibility into every network segment and device, be they hardware, virtual, or cloud based.

  • The physical topology view shows all connected devices, including access layer devices. The logical topology view shows information about the interfaces that each device is connected to.
  • Security rating checks analyze the Security Fabric deployment to identify potential vulnerabilities and highlight best practices to improve the network configuration, deploy new hardware and software, and increase visibility and control of the network.
  • Fabric connectors provide integration with multiple SDN, cloud, and partner technology platforms to automate the process of managing dynamic security updates without manual intervention.
  • Automation pairs an event trigger with one or more actions to monitor the network and take the designated actions automatically when the Security Fabric detects a threat.

Currently supported features:

  • Physical Topology view
  • Quarantine via FortiNAC action (Version 8.8.1 and higher): Users can configure an automation stitch that uses the "Quarantine via FortiNAC" action with a Compromised Host or Incoming Webhook trigger. When the automation is triggered, the client PC is quarantined and its MAC address is disabled in the configured FortiNAC. For instructions on configuring this feature in the FortiGate, see the section "Quarantine via FortiNAC action" of the 6.4.2 Administration Guide.

Requirements:

  • FortiNAC appliances must be installed with licenses that include additional certificates. This type of license was introduced on January 1st, 2020.
  • FortiNAC version 8.7.x - 8.8.0: FortiGate devices must be running FortiOS 6.4.0 or higher.
  • FortiNAC version 8.8.1 and higher: FortiGate devices must be running FortiOS 6.4.2 or higher.

Add FortiNAC to the Security Fabric:

  1. In the FortiNAC Administration UI, navigate to Network > Service Connectors.
  2. Click Create New.
  3. Click Security Fabric Connection.
  4. Enter the following values and save:
       • IP: Root FortiGate IP address
       • Port: 8013

     Refer to the FortiOS Administration Guide to complete configuration:
       • FortiOS 6.4: https://docs.fortinet.com/document/fortigate/6.4.0/administration-guide/264311/fortinac
       • FortiOS 7.0: https://docs.fortinet.com/document/fortigate/7.0.12/administration-guide/264311/configuring-fortinac
       • FortiOS 7.2: https://docs.fortinet.com/document/fortigate/7.2.6/administration-guide/264311/configuring-fortinac
       • FortiOS 7.4: https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/264311/configuring-fortinac
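
A pre-flight check for the procedure above, as an added example that is not part of the Fortinet guide: it applies the version requirements listed on this page and tests whether port 8013 on the root FortiGate accepts a TCP connection. The function names and sample values are assumptions; a successful connection shows only that the port is reachable, not that the Security Fabric connection is authorized.

```python
import socket

FABRIC_PORT = 8013  # port entered in step 4 of the procedure


def parse_version(text):
    """Turn '8.8.1' or '6.4.2' into a comparable tuple of ints."""
    parts = text.strip().lstrip("vV").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"expected MAJOR.MINOR.PATCH, got {text!r}")
    return tuple(int(p) for p in parts)


def check_requirements(fortinac, fortios):
    """Apply the version requirements listed on this page.

    Returns (ok, quarantine_action_supported, message).
    """
    nac, fos = parse_version(fortinac), parse_version(fortios)
    if nac < (8, 7, 0):
        return False, False, "FortiNAC older than 8.7.x is not covered by the listed requirements"
    if nac >= (8, 8, 1):
        needed, quarantine = (6, 4, 2), True   # Quarantine via FortiNAC needs 8.8.1+
    else:                                      # FortiNAC 8.7.x - 8.8.0
        needed, quarantine = (6, 4, 0), False
    if fos < needed:
        need = ".".join(map(str, needed))
        return False, False, f"FortiOS {fortios} is below the required {need}"
    return True, quarantine, "version requirements met"


def fabric_port_reachable(host, port=FABRIC_PORT, timeout=3.0):
    """True if a TCP connection to the root FortiGate's fabric port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


if __name__ == "__main__":
    # Constructed sample values; 192.0.2.1 is a documentation-only address.
    print(check_requirements("8.8.1", "6.4.0"))
    print(check_requirements("8.7.2", "6.4.0"))
    print(fabric_port_reachable("192.0.2.1", timeout=1.0))
```

Run it from a host on the same network path as the FortiNAC appliance so that the reachability result reflects the firewall rules the appliance itself will meet.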
