Hi,
I know that with detailed reporting capabilities I can find the traffic and create rules, but being involved in a new mid-to-large environment, and in order to expedite and accelerate rule creation, I'd like to know whether it is possible to make FortiOS or FortiAnalyzer suggest or even create automated rules between network elements.
A simple example:
The traffic between backup servers and ESXi hosts (or let's say between this and that interface) sensed in the past week shows that a rule with these details will handle the traffic and disable all other unnecessary ones.
Is something similar to this possible using the FortiGate and FortiAnalyzer capabilities?
Especially these days, when AI, ML, etc. are hot topics ;)
With the Security Rating license some of this can be done. Especially around suggesting rules that allow all/unsecure protocols or rules that have no hit counts. I am not aware of a way to automatically create rules though. That being said I don't think I would leave firewall rule creation up to automation. Firewall rules should be purposeful, concise, and based on defined requirements.
Thanks
And what about auto-generating a temporary or permanent block rule? Is it possible to block a source IP to a destination, for example, if it exceeds a number of connections or data size moving through the firewall?
I know about the DDoS rules, but I need some more flexible ones.
Regards,
DDoS Policies would be your threshold-based option. If you need something more intelligent, then FortiDDoS would be the product you would place in front of the FortiGate.
Maybe you need to look at FortiPolicy.
https://docs.fortinet.com/product/fortipolicy/7.2
I did not use the product yet, but it seems to match a few of your objectives.
There is also this new feature in FOS 7.2 (learn mode) that may be somewhat useful:
Thanks to all
The FortiOS and learning mode are wonderful, although it seems both of them need two other products to be purchased (FortiManager, FortiPolicy).