Fortinet

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

FortiGate Next Generation Firewalls (NGFWs) deliver industry-leading enterprise security for any edge at any scale with full visibility and threat protection. Organizations can weave security deep into the hybrid IT architecture and build security-driven networks to achieve ultra-fast security, end to end.

FortiGate datacenter threat visualizations in Splunk help you identify anomalous behavior and de-duplicate threat feed data to enable the fast creation and consolidation of analytics. Splunk ingests and maps security and traffic data collected from FortiGate physical and virtual appliances across domains. Log fields can be mapped from FortiGate appliances and interchanges into a common format. In the Common Information Model, FortiGate data is typically mapped to the Firewall data model.

Getting data in

Source	Add-ons and Apps	Guidance
Fortinet	Splunk platform Fortinet FortiGate Add-On for Splunk Fortinet FortiGate App for Splunk Fortinet FortiSOAR Add-on for Splunk FortiGate Active Response Add-on For Splunk Enterprise	Use Cases Monitoring for network traffic volume outliers Reconstructing a website defacement

Source

Add-ons and Apps

Guidance

Fortinet

Splunk platform

Fortinet FortiGate Add-On for Splunk
Fortinet FortiGate App for Splunk
Fortinet FortiSOAR Add-on for Splunk
FortiGate Active Response Add-on For Splunk Enterprise

Use Cases

Monitoring for network traffic volume outliers
Reconstructing a website defacement