Populating threat feeds with GuardDuty

AWS GuardDuty is a managed threat detection service that monitors for malicious or unauthorized behavior related to AWS resources. GuardDuty provides visibility through logs called "findings". Fortinet provides a Lambda script called "aws-lambda-guardduty" that translates AWS GuardDuty findings into a list of malicious IP addresses in an S3 location. A FortiGate can consume this list as an external threat feed once it is configured to point to the list's URL. To use this feature, you must subscribe to GuardDuty, CloudWatch, S3, and DynamoDB.

This feature is available with FortiOS 6.0.0+. See Setting up the FortiGate(s).

Installing and configuring GuardDuty requires knowledge of:

  • CLI
  • AWS Lambda function, DynamoDB, S3 bucket, and IAM
  • Node.js

The Lambda script is available to download on GitHub.
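
The translation step described above (findings in, IP list out), as an added Node.js example. It is not Fortinet's aws-lambda-guardduty code: the function names, the `minSeverity` threshold and the sample findings are assumptions for illustration, and the DynamoDB and S3 steps are left out.

```javascript
// Added example, not the aws-lambda-guardduty script itself.
// Strict IPv4 check so a malformed finding never reaches the block list.
const isIPv4 = s => typeof s === 'string' &&
  /^\d{1,3}(\.\d{1,3}){3}$/.test(s) && s.split('.').every(o => Number(o) <= 255);

// Return every valid remote IPv4 address carried by one GuardDuty finding event.
function remoteIps(event) {
  const action = (event.detail && event.detail.service && event.detail.service.action) || {};
  const details = [];
  for (const key of ['networkConnectionAction', 'awsApiCallAction']) {
    if (action[key] && action[key].remoteIpDetails) details.push(action[key].remoteIpDetails);
  }
  const probes = (action.portProbeAction && action.portProbeAction.portProbeDetails) || [];
  for (const p of probes) if (p.remoteIpDetails) details.push(p.remoteIpDetails);
  return details.map(d => d.ipAddressV4).filter(isIPv4);
}

// Build the feed body: one address per line, deduplicated, sorted as strings.
// Findings below minSeverity (hypothetical threshold) are ignored.
function buildFeed(events, minSeverity) {
  const seen = new Set();
  for (const ev of events) {
    if (!ev.detail || Number(ev.detail.severity) < minSeverity) continue;
    for (const ip of remoteIps(ev)) seen.add(ip);
  }
  return [...seen].sort().join('\n') + (seen.size ? '\n' : '');
}

// Constructed sample findings, trimmed to the fields used above
// (addresses are from the documentation ranges).
const SAMPLE = [
  { detail: { severity: 5, service: { action: { actionType: 'NETWORK_CONNECTION',
      networkConnectionAction: { remoteIpDetails: { ipAddressV4: '198.51.100.7' } } } } } },
  { detail: { severity: 2, service: { action: { actionType: 'PORT_PROBE',
      portProbeAction: { portProbeDetails: [
        { remoteIpDetails: { ipAddressV4: '203.0.113.9' } },
        { remoteIpDetails: { ipAddressV4: '198.51.100.7' } } ] } } } } },
  { detail: { severity: 8, service: { action: { actionType: 'AWS_API_CALL',
      awsApiCallAction: { remoteIpDetails: { ipAddressV4: 'not-an-ip' } } } } } },
  { detail: { severity: 1, service: { action: { actionType: 'NETWORK_CONNECTION',
      networkConnectionAction: { remoteIpDetails: { ipAddressV4: '192.0.2.44' } } } } } },
];

console.log(buildFeed(SAMPLE, 2));
```

Because the resulting list is used for blocking, the example drops anything that is not a well-formed IPv4 address and applies the severity floor before an address is added.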
