delciomangueira
New Contributor

How to block hosts using FortiGate and Cisco switches?

Hi guys, I have traffic going through a FortiGate. For the endpoints that violate the policies defined in the security profiles, I use the IP block when the event is not remedied. Since the IP is on layer 3 and my switches are not Fortinet, whenever the host that is blocked by the IP BAN action changes floor and acquires another one, I get the alerts again: same host and different IP.

What is the best alternative to use to mitigate this scenario?
My switches are Cisco.

2 REPLIES
VinayHM
Staff

Try using MAC-based blocking (Layer 2).

 

Vinay HM
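An added example, not part of the reply above and not Fortinet or Cisco code: it resolves IP-ban events to the MAC that held each IP at that moment, using DHCP lease history, so a host that changes floor and IP is recognised as one device. The lease and ban records are constructed sample data, the function names are hypothetical, and the emitted `mac address-table static ... drop` form is an assumption to verify against the switch platform and IOS version in use.

```python
from datetime import datetime
from collections import defaultdict
# Constructed sample data (not from the thread): DHCP leases exported from the
# DHCP server as (ip, mac, vlan, lease_start, lease_end).
LEASES = [
    ("10.1.10.57", "3C:52:82:AA:10:01", 110, "2024-05-06 08:02", "2024-05-06 12:02"),
    ("10.1.20.88", "3c-52-82-aa-10-01", 120, "2024-05-06 13:15", "2024-05-06 17:15"),
    ("10.1.20.91", "00:1B:44:11:3A:B7", 120, "2024-05-06 09:00", "2024-05-06 13:00"),
    ("10.1.10.57", "F0:DE:F1:00:22:33", 110, "2024-05-06 14:00", "2024-05-06 18:00"),
]
# Constructed IP-ban events from the firewall as (time, banned source IP).
BANS = [("2024-05-06 09:40", "10.1.10.57"), ("2024-05-06 13:50", "10.1.20.88")]
FMT = "%Y-%m-%d %H:%M"

def norm_mac(mac):
    """Normalise any common MAC notation to 12 lowercase hex digits."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def mac_at(ip, when, leases=LEASES):
    """Return (mac, vlan) that held `ip` at `when`, or None if no lease matches."""
    t = datetime.strptime(when, FMT)
    for l_ip, mac, vlan, start, end in leases:
        if l_ip == ip and datetime.strptime(start, FMT) <= t < datetime.strptime(end, FMT):
            return norm_mac(mac), vlan
    return None

def hosts_behind_bans(bans=BANS, leases=LEASES):
    """Group ban events by MAC: {mac: [(ip, vlan), ...]}; unresolved IPs are skipped."""
    hosts = defaultdict(list)
    for when, ip in bans:
        hit = mac_at(ip, when, leases)
        if hit:
            hosts[hit[0]].append((ip, hit[1]))
    return dict(hosts)

def cisco_drop_lines(hosts):
    """One static-drop MAC entry per VLAN the host was seen in (Cisco dotted form)."""
    out = []
    for mac, seen in sorted(hosts.items()):
        dotted = ".".join(mac[i:i + 4] for i in range(0, 12, 4))
        for vlan in sorted({v for _, v in seen}):
            out.append(f"mac address-table static {dotted} vlan {vlan} drop")
    return out

if __name__ == "__main__":
    print("\n".join(cisco_drop_lines(hosts_behind_bans())))
```

The lookup is time-bounded because the same IP is later leased to a different device; matching on IP alone would block the wrong MAC. The output only covers VLANs where the host has already been seen, so a move to a further VLAN needs a new entry.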
ebilcari
Staff

A good solution could be the integration with FortiNAC. You can have the full visibility that FortiNAC gives for the network and integrate that with FortiGate via FSSO. FortiNAC supports a large range of switches from different vendors, including Cisco switches.

Take a look at this integration guide: https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/81bd8eff-3eff-11ea-9384-005056...

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.