Table of Contents
Lumu’s integration ecosystem is constantly expanding to better align with each customer’s unique cybersecurity ecosystem. Lumu and Fortinet have partnered up to deliver an industry-leading security solution to address the pervasive threats inside networks. For those who use Fortinet’s FortiGate NGFW, it’s now easier than ever to automate response to malicious activity discovered across your network.
Lumu and Fortinet’s Partnership
As a Technology Alliance Partner in Fortinet’s Fabric-Ready Partner Program, Lumu delivers automated attack detection and response across the network.
Fortinet’s FortiGate NGFW and Lumu enable efficient cybersecurity operations through an integrated solution for network detection and response. Lumu continuously collects network metadata from various sources, including Fortinet. When malicious activity is discovered during the data collection process, Lumu triggers an alert to FortiGate NGFW for real-time attack response.
The out-of-the-box integration between Lumu and Fortinet allows for a simplistic approach to blocking adversarial activity with just a few clicks.
Here’s How It Works
Integrations can be configured from within the Lumu Customer Portal by selecting your desired vendor and clicking on ‘Activate’.
From here you can add the threat types you’d like blocked by Fortinet.
At this point, you’ll be given configuration keys to block domains, URLs, and IP addresses. These will be added to configure threat feeds within Fortinet’s environment.
From here you’ll access your FortiGate Firewall environment with admin access to begin the configurations by adding new external collectors. Once you’re there you’ll create a new threat feed to block the domains and URLs with that first link provided from the Lumu portal.
Select OK and at this point, your threat feed for domains and URLs from Lumu has been properly configured.
Next, you’ll configure a separate threat feed to block malicious IP addresses.
As with the first threat feed, you’ll enter all of the information, including the key provided in the Lumu portal, and select OK. Now, these threat feeds are ready to be added to web filters and firewall policies accordingly.
First, we will add the URLs and domains to be blocked by creating or editing a new web filter and firewall policy.
Next, you will create a new firewall policy to block IP addresses from the Lumu IP threat feed.