Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MamunAunick
New Contributor

Created on ‎12-01-2024 04:12 AM

Need help for FortiSOAR response via firewall

I have FortiSIEM, FortiSOAR and CheckPoint firewall. Connected FortiSIEM and CheckPoint firewall with FortiSOAR through connector. Now can anyone please guide me that how can I take action from SOAR.

 

For example:

SIEM detects a brute force attempt. SOAR ingest data from SIEM. Now I want soar to take action against the attacker through checkpoint firewall. eg: block IP/block url.

FortiSOAR   FortiSIEM  

Labels:
356
0 Kudos
2 REPLIES 2
sjoshi
Staff
Staff

Created on ‎12-01-2024 04:35 AM

Hi,

 

You can refer below article:-

https://docs.fortinet.com/document/fortisoar/7.6.0/connectors-guide/929681/introduction-to-connector...

Salon Raj Joshi
Fortinet Certified Expert (FCX) | #NSE8-003459
349
asolbri2
New Contributor

Created on ‎12-01-2024 05:23 AM Edited on ‎12-18-2024 01:23 AM

FortiEDR is a good choice for endpoint protection. FortiSOAR is really great product, but a big company play, or if you have the staff, SOC as a service play, not really suitable for smaller businesses due to cost and up front complexity (someone has to configure it, and maintain it). Consider who will be feeding and taking care of this before positioning. FortiAnalyzer SOCaaS might be a better play https://tutuapp.uno/  .

341
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.