FortiDeceptor-DECEIVE , EXPOSE & ELIMINATE THREATS
April 16, 2022

FortiDeceptor-DECEIVE , EXPOSE & ELIMINATE THREATS

Bhuwan Chandra | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with FortiDeceptor

FortiDeceptor is the Concept of Honeypot & Threat Analytics & Threat Intelligent. Lure attackers to decoys that appear indistinguishable from real IT & OT assets & highly interactive. Centrally manage & automate deployments of decoy VMs(Windows, Linux, ICS/SCADA) and generations of lures (data, applications, Services) FortiDeceptor is designed to DECEIVE, EXPOSE and ELIMINATE external & internal attack kill chain & proactively block these threats before any significant damage occurs. Protect both IT & OT Devices, FortiDeceptor provides expansive decoy support to lure attacks away from IT & OT environments. Fortideceptor is Unintrusive & EasyIt is a Network based solution that creates a fake environment to stimulate the actual one. It is completely unintrusive -no requirement to take SCADA/ICS offline nor does it create any delay in operational duties.

Pros

  • Gain visibility of network-related attacks & laterals movements that could potentially bypass existing security in place.
  • Redirect attacks from existing critical platforms as well as sensitive data .
  • Early warning system to deal with threats.

Cons

  • FortiDeceptor works very well with FortiFabric environments, Where We need FortiSIEM & Other FortiGate NGFW, which could lead to a hike in IT Security Budget.
  • Reporting part needs to improve, Where again we have to buy a Forti analyzer for reporting part.
  • FortiDeceptor is one of the best Deception technology available across the globe, With the best licensing policy ( Maximum Decoys based on Deception best practice -Four Decoy per VLAN).
  • Add-on-per VLAN(minimum quantity of two).
  • Day-1 operation via AI-based network and asset discovery & automated deployment of decoys.
  • Security Fabrics enables Fortideceptor integration with Fortinet & third-party security solutions to automate threat response.
Since we have other Fortinet solutions like Fortigate NGFW & FortiSIEM in place, they share the threat intelligence with each other, and FortiDeceptor works very well in FortiFabric environments, We decided to go with FortiDeceptor for Deception technology. In the case of Rapid7 & Smokescreen, we had to counter the integration issue with existing IT infra, Security solutions should not work in silos, they need to share intelligence with each other to get the best from the existing Solution & to get the best ROI.

Do you think FortiDeceptor delivers good value for the price?

Yes

Are you happy with FortiDeceptor's feature set?

Yes

Did FortiDeceptor live up to sales and marketing promises?

Yes

Did implementation of FortiDeceptor go as expected?

I wasn't involved with the implementation phase

Would you buy FortiDeceptor again?

Yes

To help the Infosec Team Scale & create a seamless consolidated threat response. FortiDeceptor all the Security analysts to manually investigate & manual remediation or automatically block these attacks based on severity before actual damage occurs via integration with Fortigate to quarantine the IP address of the threat actor, FortiNAC to isolate devices within an organization with FortiSOAR to trigger appropriate playbooks for an orchestrated response and with 3rd party solutions to trigger a response action via built-in fabric connector API. FortiDeceptor needs other FortiFabric Devices to respond well, however, FortiDeceptor also connects with other solutions via built-in fabric connector API, but you may miss the real-time data flow or may be delayed in response.

Comments

More Reviews of FortiDeceptor

  1. Home
  2. Deception Technology Software
  3. FortiDeceptor Reviews
  4. User Review of FortiDeceptor