Fortinet black logo

Administration Guide

Home FortiDeceptor 2.1.0 Administration Guide

Set up the Deployment Network

2.1.0
5.3.0
5.2.0
5.1.0
5.0.0
4.3.0
4.2.0
4.1.1
4.1.0
4.0.2
4.0.1
4.0.0
3.3.3
3.3.2
3.3.1
3.3.0
3.2.2
3.2.1
3.2.0
3.1.1
3.1.0
3.0.2
3.0.1
3.0.0
2.1.0
2.0.0
1.1.0
1.0.1
Copy Link
Copy Doc ID 52ca6fc9-c9b4-11e9-8977-00505692583a:314840
Download PDF

Set up the Deployment Network

The Deployment Network page allows administrators to set up a monitoring interface into a VLAN or a subnet.

To add a VLAN or subnet to FortiDeceptor:
  1. Select Deception > Deployment Network.
  2. Select Auto VLAN Detection to automatically detect the VLANs on your network. Auto VLAN detection allows FortiDeceptor to detect the available VLANs on the deployment network interface and display them in the GUI. You can select and add the VLANs for the deployment of Decoys later.
  3. Select the Detection Interface. You can select multiple ports from Port 2 to Port 8. Click OK.
  4. Click Add New VLAN/Subnet to manually add a VLAN or a subnet to FortiDeceptor. Configure the following settings:

    Interface

    The port that will connect to the VLAN or subnet.

    VLAN ID

    Specify an integer to assign a unique ID to the VLAN.

    Deception Monitor IP/Mask

    Specify an IP address to monitor. This is useful to mask the actual IP address.

    Ref

    Shows the number of objects referring to this object.
    Status Shows if the IP address is initialized.

    Action

    Click Edit to edit the VLAN or Subnet entry. The Edit button is visible only after the entry is saved.

  5. Click Save.

The Monitor IP/Mask must be set as an IP address and not as a subnet.

You must use the following guidelines to set the Monitored IP/Mask:

  • Interface name and VLAN ID is unique among all Monitored IP/Mask.
  • If VLAN ID is 0, the Monitored IP/Mask is unique among all the Monitored IP/Mask without VLAN and all system interfaces.
  • If VLAN is not 0, the Monitored IP/Mask is unique among all subnets in the same VLAN.
Previous
Next

Set up the Deployment Network

The Deployment Network page allows administrators to set up a monitoring interface into a VLAN or a subnet.

To add a VLAN or subnet to FortiDeceptor:
  1. Select Deception > Deployment Network.
  2. Select Auto VLAN Detection to automatically detect the VLANs on your network. Auto VLAN detection allows FortiDeceptor to detect the available VLANs on the deployment network interface and display them in the GUI. You can select and add the VLANs for the deployment of Decoys later.
  3. Select the Detection Interface. You can select multiple ports from Port 2 to Port 8. Click OK.
  4. Click Add New VLAN/Subnet to manually add a VLAN or a subnet to FortiDeceptor. Configure the following settings:

    Interface

    The port that will connect to the VLAN or subnet.

    VLAN ID

    Specify an integer to assign a unique ID to the VLAN.

    Deception Monitor IP/Mask

    Specify an IP address to monitor. This is useful to mask the actual IP address.

    Ref

    Shows the number of objects referring to this object.
    Status Shows if the IP address is initialized.

    Action

    Click Edit to edit the VLAN or Subnet entry. The Edit button is visible only after the entry is saved.

  5. Click Save.

The Monitor IP/Mask must be set as an IP address and not as a subnet.

You must use the following guidelines to set the Monitored IP/Mask:

  • Interface name and VLAN ID is unique among all Monitored IP/Mask.
  • If VLAN ID is 0, the Monitored IP/Mask is unique among all the Monitored IP/Mask without VLAN and all system interfaces.
  • If VLAN is not 0, the Monitored IP/Mask is unique among all subnets in the same VLAN.
Previous
Next