Fortinet white logo
Fortinet white logo

Verification

Verification

In the following example, an on-net user logs to the FortiSIEM Cloud. Certain actions trigger FortiSIEM rules and UEBA AI detection. Consequently, the user’s device IP (10.100.91.100) gets added to the FortiSIEM’s Fabric Threats watchlist.

This list is synchronized to the Enterprise Core and 1st Floor FortiGates as an IP threat feed. Each FortiGate applies different methods to control access using the IP threat feed. As a result, the suspicious user is denied access to protected resources and the FortiGates themselves.

Verification

Verification

In the following example, an on-net user logs to the FortiSIEM Cloud. Certain actions trigger FortiSIEM rules and UEBA AI detection. Consequently, the user’s device IP (10.100.91.100) gets added to the FortiSIEM’s Fabric Threats watchlist.

This list is synchronized to the Enterprise Core and 1st Floor FortiGates as an IP threat feed. Each FortiGate applies different methods to control access using the IP threat feed. As a result, the suspicious user is denied access to protected resources and the FortiGates themselves.