Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info
  • CyberCNS can evaluate the security policy of your Fortigate FortiGate Firewall and flag any potential shortcomings. You can initiate a Firewall Scan from the Integrations menu.

  • Integrating FortiGate Firewall can be done via ssh or API.

Navigate to Integrations

  1. In the CyberCNS portal, navigate to Global Settings(⚙) > Integrations and choose Fortigate FortiGate from the integrations listed.

  2. Next, you will add credentials for your Fortigate FortiGate firewall.

...

Enter Credentials

Info
  • If scanning with ssh credentials should have access to the firewall from the probe machine.

  • Please create a new User for CyberCNS before adding the credentials to FortiGate Firewall.

  • In FortiGate navigate to the Administrators, in Administrators click on the Create New dropdown, and select REST API Admin.

...

  • You have to set a username for the API administrator account and select its profile. You can use an existing profile and create a new one and limit permissions to what the plugin will be used for.

...

  • If case you decide to create a new profile, select add from the Administrator Profile dropdown.

...

  • If you decide to create a new profile, assign it a name and give it appropriate permissions. Optionally, you can provide a description of what this profile is allowed to do and where it's used. The plugin actions require a minimum of Firewall Read/Write permissions.

...

  • Click OK to create the new profile.

  • Need to add the IP range of the agent machine in trusted hosts.

...

  • Next, click OK to create the new user. The New API key will be generated.

...

Info

Note that multiple credentials can be added by using the '+' sign. Each set of credentials can be attached to a company and then to an agent under that company.

3. Enter Name: Choose a name of your choice for the credentials to be added.

...

5. Enter Port Number: Enter the Port Number for the credentials to be added(ssh port for ssh scan and https port for API scan[integrating with API Key]).

...

6. Enter Username: Enter the username used to log in to the Fortigate Firewall. It is recommended that you define a special username to be used exclusively for these scans so that they can be identified in the firewall’s logs.

...

7. Enter Password: Enter the password used to log in to the Fortigate Firewall (required for only if scanning via ssh, not required if integrating with an API Key)(ssh port should be integrated above).

Info

Do not enter the password if you are integrating with the API key.

...

8. Enter API Key: If you want to scan the firewall via API (more reliable) enter the API Key (Password not required).

Info

If integrating with API key https port should be integrated.

9. Select an associated company: Select an existing company in order to add the firewall as an asset of that company.

...