Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

External Systems Configuration Guide

Nozomi Central Management Control

Support Added: FortiSIEM 6.5.0

Vendor Version Tested: Not Provided

 

Vendor: Nozomi Networks

Product: Nozomi Networks Central Management Control (CMC)

Product Informationhttps://www.nozominetworks.com/products/overview/

Protocol Information discovered Metrics collected Used for
Syslog Device type Node detection, protocol information, network changes Security and Compliance

Configuring FortiSIEM for Nozomi

Complete these steps in the FortiSIEM UI:

  1. Go to the ADMIN > Setup > Credentials tab.
  2. In Step 1: Enter Credentials, click New to create a new credential.
    1. Follow the instructions in "Setting Credentials" in the User's Guide to create a new credential.
    2. Enter these settings in the Access Method Definition dialog box and click Save:

      Settings Description
      Name Enter a name for the credential
      Device Type Nozomi Networks CMC
      Access Protocol Nozomi REST API
      User Name Enter the username used to access your Nozomi server.
      Password Enter the password associated with your username.
      Description Description of the device.
  3. In Step 2: Enter IP Range to Credential Associations, click New to create a mapping.
    1. Enter a host name, an IP, or an IP range in the IP/Host Name field.
    2. Select the name of your Nozomi credential from the Credentials drop-down list.
    3. Click Save.
  4. Click the Test drop-down list and select Test Connectivity to test the connection to the Nozomi server.
  5. Navigate to ADMIN > Setup > Discovery.
  6. Click New to create a Nozomi scan discovery definition.
  7. In the Discovery Definition dialog box, take the following steps:
    1. In the Name field, enter a name for the Discovery Definition.
    2. From the Discovery Type drop-down list, select Nozomi Scan.
    3. In the Credential drop-down list, your Nozomi Access Method Definition should be automatically selected.
    4. Fill in the other fields as necessary.
    5. When done, click Save.
  8. Click Discover.
    Assets from your Nozomi server will be discovered.

 

Devices under Nozomi can be discovered via FortiSIEM Device Discovery by selecting Nozomi Scan as Discovery Type. See Discovering Devices for more information.

Nozomi Central Management Control

Support Added: FortiSIEM 6.5.0

Vendor Version Tested: Not Provided

 

Vendor: Nozomi Networks

Product: Nozomi Networks Central Management Control (CMC)

Product Informationhttps://www.nozominetworks.com/products/overview/

Protocol Information discovered Metrics collected Used for
Syslog Device type Node detection, protocol information, network changes Security and Compliance

Configuring FortiSIEM for Nozomi

Complete these steps in the FortiSIEM UI:

  1. Go to the ADMIN > Setup > Credentials tab.
  2. In Step 1: Enter Credentials, click New to create a new credential.
    1. Follow the instructions in "Setting Credentials" in the User's Guide to create a new credential.
    2. Enter these settings in the Access Method Definition dialog box and click Save:

      Settings Description
      Name Enter a name for the credential
      Device Type Nozomi Networks CMC
      Access Protocol Nozomi REST API
      User Name Enter the username used to access your Nozomi server.
      Password Enter the password associated with your username.
      Description Description of the device.
  3. In Step 2: Enter IP Range to Credential Associations, click New to create a mapping.
    1. Enter a host name, an IP, or an IP range in the IP/Host Name field.
    2. Select the name of your Nozomi credential from the Credentials drop-down list.
    3. Click Save.
  4. Click the Test drop-down list and select Test Connectivity to test the connection to the Nozomi server.
  5. Navigate to ADMIN > Setup > Discovery.
  6. Click New to create a Nozomi scan discovery definition.
  7. In the Discovery Definition dialog box, take the following steps:
    1. In the Name field, enter a name for the Discovery Definition.
    2. From the Discovery Type drop-down list, select Nozomi Scan.
    3. In the Credential drop-down list, your Nozomi Access Method Definition should be automatically selected.
    4. Fill in the other fields as necessary.
    5. When done, click Save.
  8. Click Discover.
    Assets from your Nozomi server will be discovered.

 

Devices under Nozomi can be discovered via FortiSIEM Device Discovery by selecting Nozomi Scan as Discovery Type. See Discovering Devices for more information.