FortiGate Fabric Integration

Introduction

Fabric Integration applies to users with access to both FortiCNP and FortiGate. It is essentially the integration of FortiGate IPS logs with FortiCNP.

FortiGate IPS (Intrusion Prevention System) detects and blocks external network attacks before they can compromise the internal network. When such an attack occurs, the FortiGate IPS log integration delivers the IPS logs to FortiCNP as risk findings, providing an additional layer of threat management.

For additional details on FortiGate IPS, please see https://docs.fortinet.com/document/fortigate/7.2.3/administration-guide/565562/intrusion-prevention

A FortiGate virtual machine can monitor network traffic between multiple virtual machine instances and the public internet.

In this example, a FortiGate VM is installed in the AWS EC2 virtual network to protect a Linux server EC2 instance.

Prerequisite

  1. A FortiGate virtual machine instance should be installed on the cloud platform. For details on deploying FortiGate VM in a cloud platform (AWS), please see https://docs.fortinet.com/document/fortigate-public-cloud/7.0.0/aws-administration-guide/403036/deploying-fortigate-vm-on-aws
  2. The virtual machine instance that will be protected by FortiGate has to be in the same region as the FortiGate virtual machine in the cloud platform.
  3. In our example, the Linux server EC2 instance is in the same AWS account region as the FortiGate VM instance.

  4. The virtual machine that FortiGate protects should be onboarded onto FortiCNP before potential attack findings can be triggered. Only when connectivity is established between the FortiGate and the virtual machine can the attack logs be sent from FortiGate to FortiCNP.
  5. FortiCNP IPS Integration requires FortiOS version 6.4.0 or later.

Configure FortiGate to Add to FortiCNP

Before adding the FortiGate VM on FortiCNP, there are some configuration steps required on FortiGate.

Enable Send Logs in FortiGate

Create SSL/SSH Inspection Profile on FortiGate

Create FortiGate IPS Sensor

Create FortiGate Firewall Policy

Add FortiGate VM on FortiCNP

Add AWS Hosted FortiGate VM

Add Azure Hosted FortiGate

Add Google Cloud Hosted FortiGate
