Hello experts,
Does Fortigate support STIX/TAXII for receiving / pulling threat intelligence?
If yes, what versions of STIX/TAXII are supported?
Thanks.
Hi experts,
Can anyone help respond to this.
Thanks.
Hi,
there is no support for STIX / TAXII in fortigate firewalls.
Only the FortiSandbox supports STIX and TAXII.
Best Regards
bommi
NSE 4/5/7
Thank you for the answer.
Is STIX/TAXII support by any chance in roadmap in order to pull threat intelligence from other sandboxes?
Hi SmackIT,
the feature is called "Fabric Connectors":
You need the "Fabric Connector for threat feeds" part of this documentation.
In FortiOS 6.0 only IP- and Domainlists are supported, in FortiOS 6.2 which is currently beta you can also import Hashlists.
Best Regards
bommi
NSE 4/5/7
Hi,
I don't know.
Fortigate firewalls can pull threat intelligence information from webservers.
You can import lists of IP-Addresses, Domains and Filehashes and use this information in the webfilter, dnsfilter and av-filter.
Regards bommi
NSE 4/5/7
Hi Bommi,
Can you please point me to the related document / KB for doing this?
Thanks.
Hi,
this feature is called "Fabric Connector":
You need the "Fabric Connector for threat feeds" part of this documentation.
In FortiOS 6.0 only IP- and Domainlists are supported, in FortiOS 6.2 which is currently Beta you can also import Hashlists.
Best Regards
bommi
NSE 4/5/7
Thanks Bommi.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.