Security

Reply
Occasional Contributor I

Clearpass user isolation by Fortigate virus detection

Hi All,

 

I've set up a Clearpass server as a radius server and a Fortigate firewall.

 

Can i connect those two together with syslog or something? So when a user is blocked by fortigate because of virus isues. Clearpass recieves a message and puts the user in a restricted vlan.

 

When the user is a Smartphone he gets a different threatment than a IPcam. for example. a smartphone get blocked by three violations and an IPcam immediately.

 

Someone know a solutions?

Thanks

 

 

Guru Elite

Re: Clearpass user isolation by Fortigate virus detection

You (or your ClearPass Partner) would need to build an Ingress Event Engine dictionary for Fortigate. We do not have one available today.

Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor I

Re: Clearpass user isolation by Fortigate virus detection

Thanks i'll try that.

But what option do i chose for "configuration->Network->event sources"?

only checkpoint, infoblox, palo alto and Juniper are availabe.

does the vendor matter or is it for all syslog the same?

 

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: