Hi!
I was wondering what changes do I have to make in my Fortigate, in the automation section, to automate the quarantine of an endpoint from FortiAnalyzer (with the playbook)?
I can run the playbooks to create incidents if it detects a compromised host, but I would like to quarantine them as well with another playbook. Do I have to create a sticth first on my Fortigate?
Thanks.
Lots of good info here: https://docs.fortinet.com/document/fortianalyzer/7.2.2/administration-guide/691884/configuring-playb...
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.