Fortinet FortiEDR
Samurai [Local] Collector | Samurai [Cloud] Collector |
---|---|
This guide describes the steps required to configure Fortinet FortiEDR for telemetry data ingestion to the Samurai platform.
Follow the steps below:
1. From the FortiEDR Central Manager
2. From the Samurai MDR portal
Create a user with a REST API role
Follow the Fortinet documentation:
When completing the steps, use the following parameters:
- Role: Read-Only
- Advanced: Rest API (checked)
- Two Factor Authentication: Ensure MFA is Disabled
Once you have created the user, you must use the credentials to log in to the FortiEDR Central Manager and change the password before proceeding, because Fortinet forces a password reset upon first login.
Additional information required
You will also need to provide additional information to complete the integration. This includes:
- Deployment URL: This is the URL utilized to access the FortiEDR Central Manager.
- Organization: This is the Organization name used when logging in to the FortiEDR Central Manager.
Complete the Fortinet FortiEDR Integration
- Log in to the Samurai MDR portal
- Click Telemetry and select Integrations from the main menu
- Select Create
- Locate and click Fortinet FortiEDR
- Click Next (we leverage a Samurai Cloud Collector)
- Enter a Name of Integration
- Enter a Description (Optional)
- Enter your Deployment URL
- Enter your Organization
- Enter your Username
- Enter your Password
- Click Finish
Our Integration guide was accurate at the time of writing but vendors change things frequently! If you find errors or anything is outdated, let us know by raising a request in the Samurai MDR application and we shall get it updated.