What is FortiEDR?

FortiEDR (previously enSilo) delivers endpoint security with real-time visibility, analysis, protection, and remediation. FortiEDR prevents malware infection, detects and defuses potential threats in real time, and automates response and remediation procedures with customizable playbooks.

Why Should You Use the FortiEDR Connector?

The FortiEDR connector provides visibility into the assets managed by FortiEDR. You can use this visibility to:

  • ensure assets are managed per your security policies

  • monitor each endpoint and its status 

How Does This Connector Work?

Lucidum executes read-only requests to the Fortinet REST API and ingests only metadata about FortiEDR devices. Lucidum does not retrieve any data stored on your assets.

Configuring the Connector in Lucidum

Field | Description | Example
URL | URL for the FortiEDR API | https://ENSILOHOST/management-rest/
Username | User name for a FortiEDR account with read access for all devices. | justynmutts
Password | The password for the FortiEDR pro account. | ************

Source Documentation

Creating Credentials

https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/df7ab511-7435-11ea-9384-00505692583a/API_Guide_V4.1.pdf

Required Permissions

Object | Permissions
User Account | REST API

API Documentation

https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/df7ab511-7435-11ea-9384-00505692583a/API_Guide_V4.1.pdf