Technical Tip: Internet access required from FortiDeceptor
Description
This article describes how to get internet access from FortiDeceptor.
Solution
Configuration:
1) Port1 (default management port).
- FortiGuard updates (updates of ARAE (Anti-Reconnaissance Anti Exploit Engine)).
- Firmware image updates.
- Deception OS updates (Checking of whether new decoy is available).
- NTP.
- Web Filtering lookup.
- Decoy activation (Example windows: decoys such as windows will require internet access for activation (think of a normal windows license activation, this will use the default system route from FortiDeceptor e.g port1).
All above features will access Internet via default system route from FortiDeceptor.
2) Port2 (or Port3/4 if used on FortiDeceptor-Virtual Machine).
-Typically used for Decoy deployment network, see example deployment below (172.16.1.1.x network)
-This segment will optionally requires access to Internet, that is recommended.
Example: If hacker intrudes the decoy and uses to browse websites, FortiDeceptor can log and rate the URLs visited.
In the diagram below FortiDeceptor is using port1 to access internet (via a FortiGate).
Port2 of FortiDeceptor is used as deployment network for decoys to access internet.
This article describes how to get internet access from FortiDeceptor.
Solution
Configuration:
1) Port1 (default management port).
- FortiGuard updates (updates of ARAE (Anti-Reconnaissance Anti Exploit Engine)).
- Firmware image updates.
- Deception OS updates (Checking of whether new decoy is available).
- NTP.
- Web Filtering lookup.
- Decoy activation (Example windows: decoys such as windows will require internet access for activation (think of a normal windows license activation, this will use the default system route from FortiDeceptor e.g port1).
All above features will access Internet via default system route from FortiDeceptor.
2) Port2 (or Port3/4 if used on FortiDeceptor-Virtual Machine).
-Typically used for Decoy deployment network, see example deployment below (172.16.1.1.x network)
-This segment will optionally requires access to Internet, that is recommended.
Example: If hacker intrudes the decoy and uses to browse websites, FortiDeceptor can log and rate the URLs visited.
In the diagram below FortiDeceptor is using port1 to access internet (via a FortiGate).
Port2 of FortiDeceptor is used as deployment network for decoys to access internet.