Fortinet black logo

DMZ Mode

Copy Link
Copy Doc ID e09daf98-5af9-11e9-81a4-00505692583a:523635
Download PDF

DMZ Mode

Deploy a FortiDeceptor hardware unit or VM in the Demilitarized Zone (DMZ) network. Attacks on the DMZ network can be monitored when FortiDeceptor is installed in the DMZ network.

To enable DMZ mode:

Go to command line and specify the following command:

dmz-mode enable

Enabling or disabling the DMZ mode will remove all previous configurations including Deception VMs, decoys, and tokens. Deception Images will not be removed.

Limitations of the DMZ Mode

The DMZ Mode in FortiDeceptor functions like the regular mode, with the following exceptions:

  • When DMZ mode is enabled, the label DMZ-MODE is shown on the top banner.
  • In the Monitored Network view, Deception Monitor IP/Mask is hidden when in DMZ Mode. See Set up the Monitored Network for more information about Deception IP/Mask.
  • Under Deception Status view, the Attack Test selection is disabled.
  • When DMZ mode is enabled, Deception VMs are limited to 1 Deploy Interface with 16 Decoys. See Deploy Deception VMs with the Deploy Wizard for more information about IP address range.

DMZ Mode

Deploy a FortiDeceptor hardware unit or VM in the Demilitarized Zone (DMZ) network. Attacks on the DMZ network can be monitored when FortiDeceptor is installed in the DMZ network.

To enable DMZ mode:

Go to command line and specify the following command:

dmz-mode enable

Enabling or disabling the DMZ mode will remove all previous configurations including Deception VMs, decoys, and tokens. Deception Images will not be removed.

Limitations of the DMZ Mode

The DMZ Mode in FortiDeceptor functions like the regular mode, with the following exceptions:

  • When DMZ mode is enabled, the label DMZ-MODE is shown on the top banner.
  • In the Monitored Network view, Deception Monitor IP/Mask is hidden when in DMZ Mode. See Set up the Monitored Network for more information about Deception IP/Mask.
  • Under Deception Status view, the Attack Test selection is disabled.
  • When DMZ mode is enabled, Deception VMs are limited to 1 Deploy Interface with 16 Decoys. See Deploy Deception VMs with the Deploy Wizard for more information about IP address range.