Fortinet Firewall

Version: Fortinet Firewall version 4.0 - 5.6.

Fortinet Firewall is one of the fastest firewalls, providing protection in various areas along with other key security features such as antivirus, intrusion prevention system (IPS), web filtering, anti-spam and traffic shaping to deliver multi-layered security for the IT environment.

Netsurion's Open XDR platform seamlessly combines SIEM, log management, file integrity monitoring, machine analytics and so forth.

The Netsurion data source integration for Fortinet Firewall allows you to monitor the following components:

  • Security - Attack detected, virus detected, data leak detected, suspicious email and web content.
  • Operation - Firewall allowed and denied traffic, configuration changes, application details and VPN logon details.
  • Compliance - User and admin logon activities.

After the FortiGate Firewall is configured to deliver events to Netsurion's Open XDR platform, the dashboards and reports can be configured in Netsurion's Open XDR platform.

Some of the Data Source Integrations available in Netsurion are listed below.

Alerts

| Type | Name | Description |
|---|---|---|
| Security | Fortinet - Attack detected | This alert is generated when any IPS alert is detected by the Fortinet firewall. |
| Security | Fortinet - Virus detected | This alert is generated when any virus is detected by the Fortinet firewall. |
| Security | Fortinet - Data leak protection | This alert is generated when any DLP event occurs. |
| Operations | Fortinet - Configuration changed | This alert is generated when any configuration change is made in the Fortinet firewall. |
| Compliance | Fortinet - Administrator logon failed | This alert is generated when an administrator login fails. |

Reports

| Type | Name | Description |
|---|---|---|
| Security | Fortinet - Attack detected | This report provides details about all the IPS and IDS attacks that are detected by the Fortinet firewall. |
| Security | Fortinet - Suspicious web content detected | This report provides details about all the suspicious web traffic content that is detected by the Fortinet firewall. |
| Security | Fortinet - Suspicious email content detected | This report provides details about all the suspicious email traffic content that is detected by the Fortinet firewall. |
| Security | Fortinet - Data leak detected | This report provides details about all the DLP events that are detected by the Fortinet firewall. |
| Security | Fortinet - Virus detected | This report provides details about all the viruses that are detected by the Fortinet firewall. |
| Operations | Fortinet - Configuration changes | This report provides details about all the configuration changes that are made in the Fortinet firewall. |
| Operations | Fortinet - Traffic allowed details | This report provides details about all the traffic that is allowed by the Fortinet firewall. |
| Operations | Fortinet - Traffic denied details | This report provides details about all the traffic that is denied by the Fortinet firewall. |
| Operations | Fortinet - Application control | This report provides details about all the application control policies and rules that are defined by the Fortinet firewall. |
| Operations | Fortinet - VPN logon details | This report provides details about all the VPN logon details. |
| Compliance | Fortinet - User authentication details | This report provides details about all the user authentication details. |
| Compliance | Fortinet - Administrator logon details | This report provides details about all the admin login and logout activities. |

Documentation

The configuration details are consistent with Netsurion's Open XDR platform version 8.x or later, and Fortinet Firewall version 4.0 - 5.6.

Download the Integration Guide for more information.