Fabric
Use the Fabric pages to manage and configure FortiGate information for integration with FortiDeceptor. This includes blocking settings and Security Fabric status information. Blocking from FortiGate is an API call from FortiDeceptor which allows instant quarantine from FortiGate once an incident is detected. The quarantined IP is under user quarantine in the FortiGate GUI.
Fabric provides access to the following pages:
Detection Devices |
Configure the third-party malware detection devices for FortiDeceptor integration. When FortiDeceptor detects a suspicious file transfer in an incident, FortiDeceptor will send raw files to those detection devices for malware inspection and display the result along side the Incident. |
Quarantine Integration |
Configure the quarantine devices for FortiDeceptor integration |
Quarantine Status |
Status of blocked IP addresses. |
IOC Export |
Export the IOC file in CSV format for a specified time period. |