Was just running through some clean up and auditing some processes and wanted to get some thoughts of what others might be doing in regards of having both ISDB (https://community.fortinet.com/t5/FortiGate/Technical-Tip-Blocking-Potential-threats-over-Internet-s...) and Threat Feeds applied to policies and profiles?
As inferred by the link provided, I have deny policy tied to those ISDB services but I also have Threat Feeds to my local ISAC (https://www.cisecurity.org/) I am a member of as well as Cisco Talos, for example, that I tie to policies and profiles.
So in a nutshell, do you think FortiGuard is enough for you or do you "cover your bases" with 3rd parties... just in case? (and this is assuming you don't have any resource concerns).
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I don't have any issues with ingesting those feeds or anything like that. My question was more in regards of what do others do in this regard... do they trust FortiGuard completely or are they implementing both just in case. Just playing devil's advocate in my head a bit in saying that I "don't put all my eggs in one basket" but also, I'm sure this is extremely duplicative with having both as I have to assume FortiGuard and others like Cisco are very comparable with this, but there might be something someone can elaborate on that I'm missing.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1547 | |
1030 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.