Currently I manual Block the IP address has given by our SOC at Firewall Level.
Can fortigate do auto blocking IP based Threat Intelligence?
IF Yes, what the products need to be intergrade with our fortigate?
The Objective is to reduce ticket from SOC and manual block IP address.
Thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
This may not give you the full answer, but by default there is an automation stitch that works with FortiAnalyzer to blocks the compromised IP af FGT level.
The below document might help you in configuring IP List in the threat feed using external connectors;
https://docs.fortinet.com/document/fortigate/7.6.0/administration-guide/379433/configuring-a-threat
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1663 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.