Posted by Michael Skoupý, Last modified by Michael Skoupý on 13 November 2019 02:38 PM
Supported product versions
Integrate FortiGate with Safetica
1. Log in to FortiGate management console
4. Go to System/Administrators and click on [Create New > REST API Admin]
5. Log in to Safetica Management Console
Synchronize FortiGate SSL inspection with Safetica
When you refresh the view, all active SSL certificates from FortiGate will be listed in Safetica's Network Certificates section.
To remove imported SSL certificates, you can remove them in FortiGate and refresh the sync state in Safetica Management Console by clicking on the [Refresh] button. Alternatively, to remove all synced SSL certificates, you can turn off Import all SSL certificates and distribute them using Safetica.
If you need a more selective way to sync SSL certificates, you can import individual certificates manually under Network Certificates using the [Import] button.
Synchronize Safetica data classification with FortiGate
Since version 9.3, Safetica offers data classification stored in persistent metadata. Data categories that use this technology can be synchronized with FortiGate so that classified files are detected on the network and FortiGate can take action.
To configure automatic synchronization of Safetica data classification with FortiGate:
Compatible Safetica data categories will be created on the FortiGate appliance as preconfigured DLP sensors and preconfigured but inactive IPv4 and IPv6 firewall policies.
You can either use the preconfigured policies to activate the detection of Safetica classification on your FortiGate, or you can simply add a set dlp-sensor parameter to one of your existing firewall policies.
FortiGate DLP sensors created by Safetica will be named after Safetica data categories and will be preconfigured with what to detect and what action to take. To review the new DLP sensors, use the following FortiGate CLI command:
# show dlp sensor
Policies created by Safetica will have the prefix “Safetica4” or “Safetica6” and will include a preconfigured parameter set dlp-sensor. To review the new IPv4 and IPv6 FortiGate policies, use the following FortiGate CLI commands:
# show firewall policy
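To check which Safetica-created policies are still inactive or lack a DLP sensor, the output of the command above can be audited offline. The script below is an added example, not part of Safetica or FortiGate tooling; the sample output, policy IDs and names are constructed, and it assumes that a policy without a "set status" line is enabled because show omits default values.

```python
# Constructed `show firewall policy` output; IDs and names are made up.
SAMPLE = '''config firewall policy
    edit 1
        set name "LAN to WAN"
    next
    edit 7
        set name "Safetica4 Confidential"
        set status disable
        set dlp-sensor "Confidential"
    next
    edit 8
        set name "Safetica4 Internal"
        set dlp-sensor "Internal"
    next
    edit 9
        set name "Safetica6 Confidential"
        set status disable
    next
end
'''

def parse_policies(text):
    """Return {policy_id: {setting: value}} from edit/next blocks."""
    policies, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("edit "):
            current = policies.setdefault(line.split(None, 1)[1], {})
        elif line == "next":
            current = None
        elif current is not None and line.startswith("set "):
            key, _, value = line[4:].partition(" ")
            current[key] = value.strip().strip('"')
    return policies

def audit_safetica(text):
    """Return (id, name, active, dlp_sensor) for Safetica-created policies."""
    rows = []
    for pid, cfg in parse_policies(text).items():
        name = cfg.get("name", "")
        if name.startswith(("Safetica4", "Safetica6")):
            # Assumption: `show` omits defaults, so no status line means enabled.
            active = cfg.get("status", "enable") == "enable"
            rows.append((pid, name, active, cfg.get("dlp-sensor")))
    return rows

if __name__ == "__main__":
    for pid, name, active, sensor in audit_safetica(SAMPLE):
        print(pid, name, "active" if active else "inactive", sensor or "no dlp-sensor")
```

A policy reported as inactive is not yet enforcing detection for its data category, and one reported with no dlp-sensor would pass classified files uninspected even when enabled.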
FortiGate service alert
If you want to make sure that your configured FortiGate integration works correctly, you can set up a Safetica service alert which will warn you when an error has occurred on a synchronized FortiGate appliance:
Viewing FortiGate DLP logs
To view FortiGate logs generated by DLP sensors, use the following FortiGate CLI commands:
# execute log filter category utm-dlp