Help
FortiDeceptor
FortiDeceptor provides Deception-based Breach Protection to deceive, expose and eliminate external and internal threats.
Anthony_E
Community Manager
Community Manager

Created on ‎11-28-2019 01:42 AM

Article Id 192870

Technical Tip: Internet access required from FortiDeceptor

Description
This article describes how to get internet access from FortiDeceptor.

Solution
Configuration:

1) Port1 (default management port).

- FortiGuard updates (updates of ARAE (Anti-Reconnaissance Anti Exploit Engine)).
- Firmware image updates.
- Deception OS updates (Checking of whether new decoy is available).
- NTP.
- Web Filtering lookup.
- Decoy activation (Example windows: decoys such as windows will require internet access for activation (think of a normal windows license activation, this will use the default system route from FortiDeceptor e.g port1).

All above features will access Internet via default system route from FortiDeceptor.

2) Port2 (or Port3/4 if used on FortiDeceptor-Virtual Machine).

-Typically used for Decoy deployment network, see example deployment below (172.16.1.1.x network)
-This segment will optionally requires access to Internet, that is recommended.
Example: If hacker intrudes the decoy and uses to browse websites, FortiDeceptor can log and rate the URLs visited.
 
In the diagram below FortiDeceptor is using port1 to access internet (via a FortiGate).
Port2 of FortiDeceptor is used as deployment network for decoys to access internet.




1093
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.