Hello,
I am pretty new to using Fortiswitches and Fortilink. We use a 3rd party device for internal security scanning that can either take in mirrored traffic from a port or be configured as an inline tap. Before moving to Fortiswitches and Fortilink, we used Fortigate Firewalls and did all the routing in the core switch. This made using the 3rd party security device easy because we could mirror the routed VLAN between the switch and Firewall. With Fortilink, the routed interface concept is gone between the Fortiswitches and Fortigate because the Fortigate controls everything. I need to find a way to incorporate the 3rd party security device with Fortiswitches and Fortilink. The issue I see is that the cabling between Fortiswitches and Fortigate creates a loop. I understand that Fortilink controls the traffic on the loop to avoid STP issues, but the 3rd party security device can only be placed between one section of the loop. I have asked Fortinet support, and they did not have any solutions.
Has anyone used a 3rd party security scanning device and just mirrored the Fortilink port on a Fortiswitch to their security device? Would the Fortilink traffic be encrypted so the mirrored port would be useless to the security device?
Copyright 2024 Fortinet, Inc. All Rights Reserved.