Fortinet black logo

Administration Guide

Home FortiDeceptor 3.0.1 Administration Guide

Deploy Decoy VM

3.0.1
5.3.0
5.2.0
5.1.0
5.0.0
4.3.0
4.2.0
4.1.1
4.1.0
4.0.2
4.0.1
4.0.0
3.3.3
3.3.2
3.3.1
3.3.0
3.2.2
3.2.1
3.2.0
3.1.1
3.1.0
3.0.2
3.0.1
3.0.0
2.1.0
2.0.0
1.1.0
1.0.1
Copy Link
Copy Doc ID b101b5a9-4c30-11ea-9384-00505692583a:362807
Download PDF

Deploy Decoy VM

Use the Deception pages allows you to deploy Decoy VMs on your network. When a hacker gains unauthorized access to Decoy VMs, their movements can be monitored to understand how they attack the network.

Apart from the default decoy Windows, Linux, or SCADA OS images, FortiDeceptor supports custom OS images with a purchased subscription service. You can upload your custom ISO images and install the FortiDeceptor Toolkit on the image. For instructions, click the Help icon in the toolbar and select Customization.

To use FortiDeceptor to monitor the network:
  • Go to Deception > Deception OS to check the Deception OS available. See View available Deception OS.
  • Go to Deception > Deployment Network to auto-detect or specify the network where the Decoy VMs are deployed. See Set up the Deployment Network.
  • Go to Deception > Deployment Wizard to deploy the Decoy VM on the network. See Deploy Decoy VMs with the Deployment Wizard.
  • Go to Deception > Decoy & Lure Status to start or stop deployed Decoy VMs, or download the FortiDeceptor Token Package to manually install on computers. See Monitor Decoy & Lure Status.
  • Go to Deception > Decoy Map to see the network of Decoy VMs. See Decoy Map.
  • Go to Deception > Whitelist to specify the network that is to be considered safe. This is useful if the administrator wants to log into the deployment network and not be flagged as an attacker. See Configure a Whitelist.
Previous
Next

Deploy Decoy VM

Use the Deception pages allows you to deploy Decoy VMs on your network. When a hacker gains unauthorized access to Decoy VMs, their movements can be monitored to understand how they attack the network.

Apart from the default decoy Windows, Linux, or SCADA OS images, FortiDeceptor supports custom OS images with a purchased subscription service. You can upload your custom ISO images and install the FortiDeceptor Toolkit on the image. For instructions, click the Help icon in the toolbar and select Customization.

To use FortiDeceptor to monitor the network:
  • Go to Deception > Deception OS to check the Deception OS available. See View available Deception OS.
  • Go to Deception > Deployment Network to auto-detect or specify the network where the Decoy VMs are deployed. See Set up the Deployment Network.
  • Go to Deception > Deployment Wizard to deploy the Decoy VM on the network. See Deploy Decoy VMs with the Deployment Wizard.
  • Go to Deception > Decoy & Lure Status to start or stop deployed Decoy VMs, or download the FortiDeceptor Token Package to manually install on computers. See Monitor Decoy & Lure Status.
  • Go to Deception > Decoy Map to see the network of Decoy VMs. See Decoy Map.
  • Go to Deception > Whitelist to specify the network that is to be considered safe. This is useful if the administrator wants to log into the deployment network and not be flagged as an attacker. See Configure a Whitelist.
Previous
Next