About FortiGate NGFW
FortiGate NGFWs enable security-driven networking and consolidate industry-leading security capabilities such as intrusion prevention system (IPS), web filtering, secure sockets layer (SSL) inspection, and automated threat protection. Fortinet NGFWs meet the performance needs of highly scalable, hybrid IT architectures, enabling organizations to reduce complexity and manage security risks.
SIRP’s integration with FortiGate NGFW allows security teams to execute response actions right from SIRP.
SIRP’s FortiGate integration app allows you to execute the following actions:
Block IP as Source
Block an IP address as Source on NGFW
Block IP as Destination
Block an IP address as Destination on NGFW
Unblock IP as Source
Whitelist an IP Address as Source on NGFW
Unblock IP as Destination
Whitelist an IP Address as Destination on NGFW
Enable and Configure the FortiGate App
Create Policies on FortiGate Firewall
1. Log in to the FortiGate App.
2. From the configuration pane, go to Policy & Objects > IP4 Policy, then click Create New.
3. Enter the policy name.
4. Set the destination IP and mask as needed.
5. Set source and destination Interfaces in the incoming interface and outgoing interface
6. Enable the policy by clicking the toggle button.
7. Click "OK"
8. The policy has been created
By following the next steps, configure the SIRP App with FortiGate.
Configure SIRP App
1. Next, log in to SIRP, then go to Apps from the left navigation bar
2. Locate the app named FortiGate Firewall
3. Enable the FortiGate app by clicking on the toggle button under the Status
4. As soon as you enable the App, you will get an option to add the configuration details.
5. Add following details and click Save:
a. IP: <IP address of FortiGate Firewall>
b. Username: <Username to log in to FortiGate Firewall>
c. Password: <Password to login to FortiGate Firewall>
d. Source-Policy-ID: <ID of the Source policy created on FortiGate Firewall>
e. Destination-Policy-ID: <ID of the Destination policy created on FortiGate Firewall>
6. After the last step, you should be able to execute the FortiGate actions on-demand or through Playbooks to block and unblock IP addresses.