Help
FortiNDR
pchee
Staff
Staff

Created on ‎07-03-2023 02:01 AM Edited on ‎07-03-2023 02:03 AM By Moderator

Article Id 262480

Technical Tip: How to configure ICAP integration between FortiNDR and FortiGate

Description This article describes how to configure ICAP integration between FortiNDR and FortiGate.
Scope FortiNDR v7.2.
Solution

Under FortiNDR, navigate to Security Fabric -> Fabric Connectors -> Local Connection Configuration.

Enable the ICAP connector and make sure the interface selected is (MGMT) interface.

 

ICAP.jpg

 

Under the FortiGate, enable the ICAP feature under System -> Feature Visibility -> Additional Features -> ICAP.

 

feature.jpg

 

Navigate under Security Profiles -> ICAP Servers -> New ICAP Server and create the ICAP Server profile:

 

Server.jpg

 

Navigate under Security Profiles -> ICAP Servers ->  ICAP to create an ICAP profile. Note that the path for processing should be:

Request processing path : reqmod.

Response processing path : respmod.

 

FNDRICAP.jpg

 

Finally, assign the Security profile under the desired firewall policy in order for the security profile to take effect.
153
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.