System integration and support
The following integration is tested and supported in FortiNDR 7.0.3.
- While FOS 6.2 and 5.6 file submission with OFTP, via the FortiSandbox field, is tested and compatible, official support for submitting files is in FOS 6.4.0 and higher.
-
HTTP2 file submission from FortiGate 7.2.0
- FortiGate inline blocking (with AV profile) is supported in FOS 7.0.1 and higher.
- FortiAnalyzer integration is supported in FortiAnalyzer 7.0.1 and higher.
- FortiSIEM integration is supported in FortiSIEM 6.3.0 and higher.
- FortiSandbox integration (API submission from FortiSandbox to FortiNDR) is supported from FortiSandbox 4.0.1 and higher.
- FortiGate quarantine via webhook 6.4.0 and higher.
- FortiMail 7.2.0
- ICAP is supported for:
- FortiGate 6.4.0 and higher.
- FortiWeb 6.3.11 and higher.
- Squid and other compatible ICAP clients.
- FortiProxy 7.0.0.
- FortiNAC quarantine support (v9.2.2+)
- FortiSwitch quarantine via FortiLink (FortiSwitch v7.0.0+ and FortiGate v7.0.5+)
FortiNDR 7.0.1 supports sending both malware and NDR logs to FortiAnalyzer and FortiSIEM or other syslog devices