Version: FortiManager version 6.2.0 and later

FortiManager appliance allows you to centrally manage many Fortinet devices from a few to thousands, including FortiGate, FortiWiFi, FortiCarrier, FortiMail, and FortiAnalyzer appliances and virtual appliances, as well as FortiClient endpoint security agents.

Netsurion Open XDR integrates with FortiManager, enables users to view critical information related to activities performed in FortiManager or other Fortinet devices. This information is represented in the form of report, alert and graphical/ pictorial representation(dashboard).

Flex reports contain a detailed overview of activities like managed-devices login/ logout, login failed, deployment manager events, events associated with high availability for Forti devices, etc.

Alerts are provided as soon as any critical events are triggered by FortiManager. Such as, login failed, system/ managed device unexpected reboot and shutdown, etc.

From visual representation/ overview of top activities being performed in FortiManager to unauthorized user access (failed) can be viewed on Netsurion Open XDR dashboard.

Netsurion Open XDR monitors all the FortiManager events from services like system manager, Fortiguard service events, managed device operations, etc., they are given as below.

  • Security – User login fail (Web service), User login fail (SSH auth), etc.
  • Compliance – Device configuration operations, FortiGate-FortiManager protocol operations, etc.
  • Operation – System login events, System manager events, High Availability status changes.

Once FortiManager is configured to deliver events to Netsurion Open XDR Manager; alerts, dashboards, and reports can be configured into Netsurion Open XDR.

To take advantage of this data source integration and to learn more about alerts, reports, and dashboards, contact your Technical Account Manager (TAM). If you are not currently a Netsurion customer or partner, contact us to learn more.