- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Automate Address List with FortiAnalizer/Playbooks/Fortigate
Hi People I need to create an automation to save all the malicious addresses that the FortiAnalizer collects/analyzes and automatically save them in a group of addresses for me to block them from the firewall. I want to know if Fortigate and FortiAnalizer can do something like this. I have the FortiSOC version available if it is necessary to do it with Playbooks. The truth is that I did not find anything like that.
- Labels:
-
FortiAnalyzer
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @Lucas1 ,
Please review https://community.fortinet.com/t5/FortiGate/Technical-Tip-Block-SSL-VPN-failed-logins-with-an-automa.... According to this document, you can see a functionality where an automation stich can add IP addresses into a group.
Thanks,
Ronak Patel
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @Lucas1
You can create an event handler on FortiAnalyzer to block such failed attempt IPs.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Enhance-SSL-VPN-Security-by-blocking-offen...
salmas
