Created on 03-01-2022 05:00 AM Edited on 07-26-2023 10:49 PM By Jean-Philippe_P
Description | This article describes the types of External Threat Feed and their locations in the GUI. |
Scope |
FortiGate. |
Solution |
There are 5 types of External Threat Feed.
CLI commands to view the type of the External Threat Feed:
config system external-resource edit "test-ip" set type address<----- This IP address will be in the DNS profile under the external-ip-blocklist. This can also be used under IPv4 policies as Source/Destination. set resource "http://1.1.1.1" next edit "Test-domain" set type domain <----- This category will be in the DNS filter profile only. set category 192 set resource "http://2.2.2.2" next edit "Test-cat" set type category set category 193 <----- This category will be in the Web-filter profile only. set resource "http://3.3.3.3" next edit "Test-Hash" set type malware <----- This Hash list will be in the antivirus profile. set resource "http://4.4.4.4" next end
set type mac-address <----- This can be used as a source in firewall policies, proxy policies, and ZTNA rules. For policies in transparent mode or the Firewall Virtual Wire Pair Policy, the MAC Address Threat Feed can be used as a source or destination address. set resource "http://5.5.5.5" next The GUI Location to view each External Threat Feed is as follows:
The resource will automatically be used for Virus Outbreak Prevention on AntiVirus profiles where the 'External Malware Block List' is enabled.
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.