SOCFortress Integrations — Fortinet Secure Web Proxy (FortiProxy)

3 min readJan 26, 2024

Intro

SOCFortress integration and visualization tools allow security analysts the visualization and triage of Fortinet Secure Web Proxy (FortiProxy) security events using a single pane of glass.

About FortiProxy

FortiProxy is a secure web proxy solution developed by Fortinet. It is designed to provide organizations with secure and efficient web access, content filtering, and threat protection. FortiProxy plays a crucial role in helping businesses enforce security policies, protect against web-based threats, and ensure safe internet usage for their users.

FortiProxy features and capabilities:

Web Filtering and Content Control:FortiProxy enables organizations to implement content filtering policies, allowing administrators to control and monitor users’ access to websites and online content. It helps prevent access to malicious or inappropriate websites, enhancing overall security.
SSL Inspection:The solution supports SSL inspection, allowing it to decrypt and inspect encrypted web traffic for potential threats. This helps in detecting and blocking malicious content even if it is transmitted over encrypted connections.
Application Control:FortiProxy provides application control features, allowing organizations to manage and control the use of specific web applications. This helps in optimizing bandwidth usage and ensuring compliance with security policies.
Antivirus and Antimalware Protection:FortiProxy includes antivirus and antimalware capabilities to detect and block malicious content, ensuring that users are protected from web-based threats such as viruses, malware, and phishing attacks.
User Authentication and Access Control:FortiProxy supports user authentication mechanisms, enabling organizations to enforce access control policies based on user identities. This ensures that only authorized users have access to specific web resources.
Integration with Fortinet Security Fabric:FortiProxy is part of Fortinet’s Security Fabric, allowing seamless integration with other Fortinet security solutions. This integration enhances the overall security posture of an organization by providing a unified and coordinated defense against various threats.
Performance Optimization:FortiProxy includes features for optimizing web performance, such as caching, compression, and bandwidth management. These features help in improving user experience and optimizing network resources.
Logging and Reporting:FortiProxy provides extensive logging and reporting capabilities, allowing administrators to monitor web usage, track security events, and generate reports for compliance purposes.

FortiProxy is often used as part of a comprehensive security strategy within an organization, integrating with other Fortinet security products to provide a layered defense against cyber threats. It is suitable for businesses of various sizes and industries, offering flexibility in deployment and configuration to meet specific security requirements.

Ingesting FortiProxy logs and events

Reference: https://docs.fortinet.com/document/fortiproxy/7.4.2/administration-guide/250999/log-settings

Visualizations

FortiProxy, quick stats in landing page:

System events by type, appliance, severity, etc.

System logs and events — Event table

Fortyproxy — UTM module

Need Help?

The functionality discussed in this post, and so much more, are available via the SOCFortress platform. Let SOCFortress help you and your team keep your infrastructure secure.

Website: https://www.socfortress.co/