Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
venesa00
New Contributor

Quarantine a device from FortiAnalyzer playbooks

Hi!

I was wondering what changes do I have to make in my Fortigate, in the automation section, to automate the quarantine of an endpoint from FortiAnalyzer (with the playbook)?

I can run the playbooks to create incidents if it detects a compromised host, but I would like to quarantine them as well with another playbook. Do I have to create a sticth first on my Fortigate?

Thanks.

1 REPLY 1
gfleming
Staff
Staff