Verification

In the following example, an on-net user logs to the FortiSIEM Cloud. Certain actions trigger FortiSIEM rules and UEBA AI detection. Consequently, the user’s device IP (10.100.91.100) is added to FortiSIEM’s Fabric Threats watchlist.

This list is synchronized to the Enterprise Core and 1st Floor FortiGates as an IP threat feed. Each FortiGate applies different methods to control access using the IP threat feed. As a result, the suspicious user is denied access to protected resources and the FortiGates themselves.
