Fortinet black logo

Administration Guide

Home FortiNDR 7.0.2 Administration Guide
7.0.2
7.4.4
7.4.3
7.4.2
7.4.1
7.4.0
7.2.3
7.2.2
7.2.1
7.2.0
7.1.0
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0

FortiNAC quarantine setup example

FortiNAC quarantine setup example

FortiNDR supports FortiNAC quarantine by calling FortiNAC rest API to enable and disable the Host record that matches the supplied IP address.

For information about configure FortiNAC, see the FortiNAC Administration Guide in the Document Library.

To setup FortiNAC quarantine on FortiNDR:
  1. In FortiNAC:
    1. Go to Users & Hosts > Administrators > Modify User.
    2. Enable REST API access to FortiNAC and generate HTTP API access token.
    3. Click OK.

  2. Create new automation profile with action type: FortiNAC Quarantine.

  3. When response action has been triggered, the detected IP that needs to be quarantined will be sent to FortiNAC via FortiNAC’s REST API call.
Previous
Next

FortiNAC quarantine setup example

FortiNDR supports FortiNAC quarantine by calling FortiNAC rest API to enable and disable the Host record that matches the supplied IP address.

For information about configure FortiNAC, see the FortiNAC Administration Guide in the Document Library.

To setup FortiNAC quarantine on FortiNDR:
  1. In FortiNAC:
    1. Go to Users & Hosts > Administrators > Modify User.
    2. Enable REST API access to FortiNAC and generate HTTP API access token.
    3. Click OK.

  2. Create new automation profile with action type: FortiNAC Quarantine.

  3. When response action has been triggered, the detected IP that needs to be quarantined will be sent to FortiNAC via FortiNAC’s REST API call.
Previous
Next