Fortinet's Fortigate NGFW With Wasabi

  • Updated on Jun 18, 2024
  • Published on Dec 15, 2023
  • 1 minute(s) read

How do I use Fortinet's Fortigate NGFW with Wasabi?

FortiGate NGFWs deliver industry-leading enterprise security for any edge at any scale with full visibility and threat protection. FortiGate NGFWs are now partnered with Wasabi to extend the visibility & monitoring. Follow instructions below to integrate NGFWs with Wasabi.

Pre-requisites:

  • FortiOS v6.4.8 Build 1914 or higher recommended

  • Current FortiGuard subscription that provides current application signatures

  • Active Wasabi's Hot Cloud Storage subscription

Reference Architecture:

mceclip0.png

A FortiGate firewall must be in the data path between the Wasabi client and the path to the Wasabi storage regions.

A firewall policy rule should exist with the following:

  1. Permits the desired traffic from the client host to Wasabi

  2. Enables the “Application Control” feature

  3. Enable “deep-inspection” for the SSL Inspection feature

    • Note: If deep-inspection is disabled, Fortigate firewall will identify traffic being sent-to/received-from Wasabi, when enabled, Fortigate firewall will be able to detect what type of interactions are being exchanged with Wasabi storage (ex: upload vs download vs deletion)

  4. Enable “Log Allowed Traffic” with “All Sessions” option.

mceclip1.png

To use logging via syslog, go to Log Settings -> Remote Logging and Archiving

  • Enable the syslog option and enter the destination syslog IP

mceclip2.png

Additionally, FortiAnalyzer can be used as a logging destination, and logs can be accessed via its API or forwarded to a packet capture infrastructure.