Change Log

Overview

FortiSIEM Port Usage

Supported Devices and Applications by Vendor

Application Performance Management

• Dynatrace

Applications

Application Server

• Apache Tomcat
• IBM WebSphere
• Microsoft ASP.NET
• Oracle GlassFish Server
• Oracle WebLogic
• Red Hat JBoss

Authentication Server/Cloud Platform

• Cisco Access Control Server (ACS)
• Cisco Duo
• Cisco Identity Solution Engine (ISE)
• CyberArk Password Vault
• Fortinet FortiAuthenticator
• Juniper Networks Steel-Belted RADIUS
• Microsoft Internet Authentication Server (IAS)
• Microsoft Network Policy Server (RAS VPN)
• OneIdentity Safeguard
• Pathlock Identity Security Platform
• Vasco DigiPass

Database Server

• IBM DB2 Server
• Microsoft SQL Server
• MySQL Server
• Oracle Database Server

DHCP and DNS Server

• Infoblox DNS/DHCP
• ISC BIND DNS
• Linux DHCP
• Microsoft DHCP
• Microsoft DNS

Directory Server

• Microsoft Active Directory

Document Management Server

• Microsoft SharePoint

Healthcare IT

• Epic EMR/EHR System

Mail Server

• Microsoft Exchange

Management Server/Appliance

• Cisco Application Centric Infrastructure (ACI)
• Fortinet FortiManager
• HPE Integrated Lights-Out (iLO)
• ManageEngine Endpoint Central
• SolarWinds Orion
• VMware NSX for vSphere

Remote Desktop

• Citrix Receiver (ICA)

Source Code Control

• Atlassian Bitbucket

• GitHub
• GitLab
• GitLab API
• GitLab CLI

Unified Communication Server

• Avaya Call Manager
• Cisco Call Manager
• Cisco Contact Center
• Cisco Presence Server
• Cisco Tandberg Telepresence Video Communication Server (VCS)
• Cisco Telepresence Multipoint Control Unit (MCU)
• Cisco Telepresence Video Communication Server
• Cisco Unity Connection

Web Server

• Apache Web Server
• Microsoft IIS for Windows 2000 and 2003
• Microsoft IIS for Windows 2008
• NGINX Web Server

Blade Servers

• Cisco UCS Server
• HP BladeSystem

Cloud Access Security Broker (CASB)

• Fortinet FortiCASB
• Oracle Cloud Access Security Broker

Cloud Applications

• Akamai Connected Cloud
• Alcide.io KAudit
• Atlassian Beacon
• AWS Access Key IAM Permissions and IAM Policies
• AWS CloudTrail API
• AWS EC2
• AWS EC2 CloudWatch API
• AWS ELB
• AWS Kinesis
• AWS RDS
• AWS Security Hub
• AWS SQS
• AWS Simple Storage Service (S3)
• Box/Box.com
• Cisco Umbrella
• Cloudflare
• Fortinet FortiDLP
• G42 Cloud
• Google Cloud Platform (GCP)- Pub/Sub Integration
• Google Workspace (Formerly G Suite and Google Apps)
• Lacework FortiCNAPP
• Microsoft Azure
  • Recommended Integrations
  • Microsoft Defender XDR Integration
  • Microsoft Defender for Endpoint Integration
  • Microsoft Entra ID Integration
  • Microsoft Office 365 Integration
  • Microsoft Azure Audit Integration
  • Microsoft Cloud App Security Integration
  • Generic Event Hub based Integration
• Okta
• Oracle Cloud Infrastructure
• Salesforce CRM Audit

Cloud Email Security

• Fortinet FortiMail Workspace Security
• Mimecast Cloud Gateway

Console Access Devices

• Lantronix SLC Console Manager

Container Management Platform

• Kubernetes

Customer Relationship Management (CRM)

• Workday Enterprise Suite (Workday Report API via Generic HTTPS Poller)

Digital Risk Protection (DRP)

• Fortinet FortiRecon

End Point Security Software

• Bit9 Security Platform
• Bitdefender GravityZone
• Carbon Black Security Platform
• Cisco AMP Cloud V0
• Cisco AMP for Endpoints API V1
• Cisco Security Agent (CSA)
• CloudPassage Halo
• CrowdStrike Endpoint Security
• Cybereason
• Digital Guardian Code Green DLP
• ESET NOD32 Anti-Virus
• FortiClient
• Fortinet FortiClient EMS
• Fortinet FortiEDR
• Kaspersky
• Malwarebytes Breach Remediation
• MalwareBytes EndPoint Protection
• McAfee ePolicy Orchestrator (ePO)
• Microsoft Defender for Endpoint/Microsoft Windows Defender ATP
• MobileIron Sentry and Connector
• Netwrix Auditor
• Palo Alto Traps Endpoint Security Manager
• SentinelOne Singularity
• Sophos Central
• Sophos Endpoint Security and Control
• Symantec Endpoint Protection
• Symantec SEPM
• Tanium Connect
• Trend Micro Interscan Web Filter
• Trend Micro Intrusion Defense Firewall (IDF)
• Trend Micro OfficeScan
• Trend Vision One

Firewalls

• Check Point FireWall-1
• Check Point Provider-1
  • CLM for Check Point Provider-1
  • CMA for Check Point Provider-1
  • MDS for Check Point Provider-1
  • MLM for Check Point Provider-1
• Check Point VSX
• Cisco Adaptive Security Appliance (ASA)
• Cisco Firepower Threat Defense (FTD)
• Clavister Firewall
• Cyberoam Firewall
• Dell SonicWALL
• Fortinet FortiGate Firewall
• Hillstone Firewall
• Imperva SecureSphere Web App Firewall
• Juniper Networks SSG
• McAfee Firewall Enterprise (Sidewinder)
• Palo Alto Firewall
• Sophos UTM Firewall
• Stormshield Network Security
• Tigera Calico
• UserGate UTM Firewall
• WatchGuard Firebox
• Zscaler Internet Access (ZIA)

Internet of Things (IoT) / Operational Technology (OT)

• APC Netbotz Environmental Monitor
• APC UPS
• Armis Centrix
• Claroty Continuous Threat Detection
• Dragos Platform
• Fortinet FortiSRA
• Generic UPS
• Hirschmann SCADA Firewalls and Switches
• Liebert FPC
• Liebert HVAC
• Liebert UPS
• Microsoft Defender for IoT (Was CyberX OT/IoT Security)
• Nozomi Central Management Control
• Nozomi SCADAguardian
• OMICRON StationGuard
• OTORIO RAM2 (Risk Assessment, Monitoring and Management)
• Siemens Simatic PLC

Load Balancers and Application Firewalls

• Barracuda Web Application Firewall
• Brocade ServerIron ADX
• Citrix Netscaler Application Delivery Controller (ADC)
• F5 Networks Application Security Manager
• F5 Networks Local Traffic Manager
• F5 Networks Web Accelerator
• Fortinet FortiADC
• Qualys Web Application Firewall

Log Aggregators

• Fortinet FortiAnalyzer

Network Access Control

• Fortinet FortiNAC
• HPE Aruba Networking ClearPass Policy Manager

Network Compliance Management Applications

• Cisco Network Compliance Manager
• PacketFence

Network Detection and Response (NDR)

• Fortinet FortiNDR (Formerly FortiAI)
• Fortinet FortiNDR Cloud
• Zeek Network Security Monitor (Previously known as Bro)

Network Intrusion Detection System

• Microsoft Advanced Threat Analytics (ATA) On Premise Platform

Network Intrusion Prevention System

• 3COM TippingPoint UnityOne IPS
• AirTight Networks SpectraGuard
• Alert Logic IRIS API
• Armis Asset Intelligence Platform
• Cisco Firepower Management Center (FMC) - Formerly FireSIGHT and FirePower Threat Defense
• Cisco Intrusion Prevention System
• Cisco Stealthwatch
• Claroty Continuous Threat Detection
• Corero Smartwall Threat Defense System
• Cylance Protect Endpoint Protection
• Cyphort Cortex Endpoint Protection
• Damballa Failsafe
• Darktrace CyberIntelligence Platform
• Dragos Platform
• FireEye Malware Protection System (MPS)
• FortiDDoS
• Fortinet FortiDeceptor
• Fortinet FortiSandbox
• Fortinet FortiTester
• IBM Internet Security Series Proventia
• Juniper DDoS Secure
• Juniper Networks IDP Series
• McAfee Network Security Platform (formerly McAfee IntruShield)
• McAfee Stonesoft IPS
• Motorola AirDefense
• Palo Alto Cortex XDR
• Radware DefensePro
• Snort Intrusion Prevention System
• Sourcefire 3D and Defense Center
• Trend Micro Deep Discovery
• Zeek (Bro) Installed on Security Onion