Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel1
maxLevel7
Info
  • CyberCNS

supports scanning of different Firewall Scans by leveraging the integrations capability
  • can evaluate the security policy of your FortiGate Firewall and flag any potential shortcomings. You can initiate a Firewall Scan from the Integrations menu.

  • Integrating FortiGate Firewall can be done via API.

Navigate to Integrations

...

  1. In the CyberCNS portal,

...

  1. navigate to Global Settings(⚙) > Integrations and choose

...

  1. FortiGate from the integrations listed.

...

It will lead to add credentials for the Fortigate device. Provide details as requested.

  1. Next, you will add credentials for your FortiGate firewall.

...

  • This will navigate to the FortiGate Page

Enter Credentials

Using API

Info

Please create a new User for CyberCNS before adding the credentials to FortiGate Firewall.

  • In FortiGate navigate to the Administrators, In Administrators click on the Create New dropdown, and select REST API Admin.

...

  • Set a username for the API administrator account and select its profile. Use an existing profile create a new one and limit permissions to what the plugin will be used for.

...

  • Once decide to create a new profile, select Add from the Administrator Profile dropdown.

...

  • Once decide to create a new profile, assign it a name and give it appropriate permissions. Optionally, provide a description of what this profile is allowed to do and where it's used. The plugin actions require a minimum of Firewall Read permissions.

...

  • Click OK to create the new profile.

  • Place the IP of the probe that will be doing the scanning in trusted hosts.

...

  • Next, click OK to create a new user. The New API key will be generated.

...

Info

Note that multiple credentials can be added by using the '+' sign. Each set of credentials can be attached to a company and then to an agent under that company.

  1. Enter Name: Choose a name of your choice for the credentials to be added.

  2. Enter Hostname/IP Address: Enter a Hostname/IP address for the credentials to be added.

  3. Enter Port Number: Enter the Port Number for the credentials to be added

...

  1. (https port for API scan[integrating with API Key]).

  2. Enter Username: Enter the username used to log in to the Fortigate Firewall. It is recommended that to define a special username to be used exclusively for these scans so that it can be identified in the firewall’s logs.

    Image Added
  3. Enter

...

  1. API Key: If you want to scan the firewall via API (more reliable) enter the API Key.

Info

If integrating with API key https port should be integrated.

  1. Select an associated company: Select

...

  1. an existing company

...

  1. in order to add

...

  1. the firewall as an asset of that company

...

  1. .

...

...

  1. Select Probe/Agent: Select the Probe/Agent from the selected company to be used for the scan.

...

  1. If no agent is installed

...

  1. for the company, an external scan agent can be used to initiate firewall scans

...

  1. from the CyberCNS Server (e.g. abc.mycybercns.com).

...

  • Once all the details below are provided, SAVE the data. Likewise, multiple credentials can be added in this section using the '+' sign. Each set of credentials can be attached to a company and then to an agent under that company.

...

  • data have been entered, click Save.

...

Info

After the credentials have been successfully added to the company, the Firewalls tab will be auto-created into added to the Main Menuof CyberCNS.

  • In the Firewalls section, once you click on Firewall Scan, the scan for all to initiate a scan of all the configured firewalls will be initiated.

...

  • Once When the firewall scan is completedcomplete, details like of Groups, Users, Access Rules, LicensesLicense, Zones, and Interfaces will be are populated for the Fortigate firewall Firewall.

...

  • Completed firewall scans are listed with timestamps as shown below. Select the relevant timestamp to check for the respective results.

...

  • These results are available to To view the results of a scan, click the scan in the list.

  • The scan results can be downloaded as a report into Docx formatin the Microsoft Word .docx format by clicking Download Report.

...

This completes the documentation of the Fortigate Firewall

...

.