Shadow IT Discovery
FortiCASB provides features for shadow IT discovery. By integrating with FortiGate and FortiAnalyzer, FortiCASB gives users a concrete overview of all sanctioned and unsanctioned cloud applications within the organization. Furthermore, FortiCASB calculates a risk score for each application and gives users the ability to control application usage.
FortiCASB's Shadow IT discovery helps users enhance the security of their cloud application environment with the following features:
- Unsanctioned Application Discovery— FortiCASB uses logs from FortiGate and FortiAnalyzer as well as its own discovery process to deliver a comprehensive view of risk and usage of cloud applications.
- Cloud Risk Score—FortiCASB generates a cloud risk score for each cloud application. This score is calculated using many factors, such as but not limited to: user numbers, size of the company, multi-factor authentication support, and service hosting location. These factors are used to generate scores in multiple criteria, which are then aggregated into one final score.
- Access Control—Users can block or monitor certain applications using FortiCASB and FortiGate.
- Data Correlation—FortiCASB uses data from FortiGate and FortiAnalyzer, as well as its own data to define and identify riskier activities.
Configurations and Requirements
Shadow IT discovery requires a FortiGate or FortiAnalyzer policy.
Configuration details depend on your specific setup requirements. See the scenarios below, and find the one which best suits your needs.
Scenario 1: Receive logs from FortiGate.
Complete the FortiGate and FortiCASB configurations in the following order:
- FortiGate Configuration (Complete all 3 parts)
- Log Configuration Using FortiGate GUI
- FortiCASB Configuration
Scenario 2: Receive logs from FortiAnalyzer.
Complete the FortiGate, FortiAnalyzer and FortiCASB configurations in the following order:
- FortiGate Configuration (Complete all 3 parts)
- FortiAnalyzer Configurations
- FortiCASB Configuration