Has anybody implemented this on a FortiGate i.e. based on https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-block-SSH-but-allow-SFTP-using-the-... ?
Hi @rz-hka ,
Are you facing an issue trying to implement this solution?
I have not done it myself but I can help you troubleshoot it.
I guess that your requirement is not the same as the article you mentioned. It will differentiate between two different protocols sharing the same port. In your case you are trying to differentiate on the authentication type used for SSH. I can't think of a way for FGT to block this; the easiest way could be limiting it from the server side.
Theoretically this can be achieved using a custom IPS signature. If it's possible to build a custom pattern that is seen only during the SSH session when credentials are used, then choose to drop that traffic. I don't have experience with this but this article or this guide may help.