Staff & Editor

Technical Tip: Source IP for the ML configuration in the FortiNDR Center mode

Forum|Forum|1 year ago
October 2, 2024
0 replies
258 views

Description

This article describes how to use the Source IP for the ML configuration in the FortiNDR Center mode

Scope

FortiNDR.

Solution

The source IP group means that it will only detect anomalies within the configured IP range. For any IP outside of the configured source IP group, it will not trigger the anomalies detection.

Configuring the source IP group for ML configuration will reduce unnecessary anomalies from the network to only focus on the critical anomalies.
If the source IP for the ML configuration is not configured, the FortiNDR will detect all the anomalies from the network.