Fortinet FortiGate Firewall
App Vendor: Fortinet
App Category: Network Security
Connector Version: 2.3.0
API Version: v2
About App
Fortinet FortiGate Firewall is a next-generation firewall that supports packet filtering, IPSec, SSL VPNs, network monitoring, IP mapping, and content inspection. The Fortinet FortiGate Firewall app allows security teams to integrate with the Fortinet FortiGate Firewall enterprise application to utilize the deep inspection capabilities to identify threats and block them. It provides the ability to remove blind spots with SSL inspection, automate threat protection, share threat intelligence across the entire digital attack, and offers robust protection from known and unknown attacks.
The Fortinet FortiGate Firewall app in the Orchestrate application performs the following actions:
Action | Description |
|---|---|
Create Address Group | This action creates an address group which includes the address objects. |
Create Address Object | This action creates a new address object. |
Get Address Group by Name | This action fetches information about an address group based on the address group name. |
Get All Address Objects | This action fetches all the address objects in the environment. |
Get Address Object by Name | This action fetches information about an address object based on the address object name. |
Update Address Group | This action adds or removes an address object to the address group based on the address group name. |
Update Address Object | This action updates an existing address object with the provided data such as IP address or IP range. |
Delete Address Object | This action deletes a network address object. |
Create Firewall Policy | This actions creates a firewall policy. |
Update Firewall Policy | This action updates a firewall policy. |
Move Firewall Policy | This action moves the position of firewall policies. |
Delete Firewall Policy | This action deletes a firewall policy. |
List Firewall Policies | This action lists firewall policies. |
List Banned IPs | This action lists all the banned IPv4 and IPv6 addresses. |
Ban IP | This action blocks access for a specified IP address. |
Unban IP | This action restores access for a specified IP address. |
List Firewall Services | This action lists all the firewall services. |
Create Firewall Service | This action creates a firewall service. |
Update Firewall Service | This action updates a firewall service. |
Delete Firewall Service | This action deletes a firewall service. |
List Firewall Service Groups | This action lists all firewall service groups. |
Create Firewall Service Group | This action creates a firewall service group. |
Update Firewall Service Group | This action updates a firewall service group. |
Delete Firewall Service Group | This action deletes a firewall service group. |
List System VDOMs | This action lists all the virtual domains. |
List Firewall Address IPv6 Groups | This action lists all the IPv6 address groups. |
Create Firewall Address IPv6 Group | This action creates an IPv6 address group. |
Update Firewall Address IPv6 Group | This action updates an IPv6 address group. |
Delete Firewall Address IPv6 Group | This action deletes an IPv6 address group. |
List Firewall Address IPv6 Multicasts | This action lists all the IPv6 multicast addresses. |
Create Firewall Address IPv6 Multicast | This action creates an IPv6 multicast address. |
Update Firewall Address IPv6 Multicast | This action updates an IPv6 multicast address. |
Delete Firewall Address IPv6 Multicast | This action deletes an IPv6 multicast address. |
Configuration Parameters
The following configuration parameters are required for the Fortinet Fortigate app to communicate with the Fortinet Fortigate enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
API Key | Enter the API key created using the Fortigate CLI. | Password | Required | |
Vdom | Enter the name of the virtual domain to connect. Example: root | Text | Optional | Default value: root |
Verify | Select whether to perform the SSL certificate verification. | Text | Required | Default value: false Allowed values:
|
Timeout | Enter the timeout value in seconds. This is the number of seconds that requests will wait to establish a connection with Fortinet FortiGate Firewall. | Integer | Optional | Allowed Range: 15-120 Default value: 15 |
Endpoint URL | Enter the URL of the Fortigate host. Example: http[s]://<fortigate-host>/ | Text | Required |
Action: Ban IP
This action blocks access for a specified IP address.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
IP Address | Enter a comma-separated list of IP addresses (IPv4 or IPv6) to block. | List | Required | Allowed type: IPv4, IPv6 |
Expiry | Enter the duration (in seconds) to block the IP address. Enter 0 to block it indefinitely. | Integer | Optional | Default value is 0. |
Example Request
[
{
"ip_addresses": [
"1.1.1.1"
]
}
]Action: Create Address Group
This action creates an address group which includes the address objects with the given name.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Address Group Name | Enter the name of the address group to create. | Text | Required | |
Address Object Name | Enter the name of the address object to add to the newly created address group. | Text | Required |
Example Request
[
{
"address_name": "new-object-06-21-205118-0",
"address_group_name": "new-object-06-21-205118-3"
}
]Action: Create Address Object
This action creates a new address object.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Address Object Name | Enter the name of the address object to create. | Text | Required | You can also pass additional parameters to create an address object such as Object Type, IP address, Subnet, Start of IP Range, End of IP Range, and Fully Qualified Domain Name.
|
Object Type | Specify the type of address object to create. | Text | Optional | Allowed values: ipmask, iprange, fqdn Default value: ipmask |
IP Address | Specify the IP address. | Text | Optional | This is mandatory for ipmask object type. |
Subnet | Specify the subnet. | Text | Optional | Default: 255.255.255.255 |
Start of IP Range | Specify the start of IP range. | Text | Optional | This is mandatory for iprange object type. |
End of IP Range | Specify the end of IP range. | Text | Optional | This is mandatory for iprange object type. |
Fully Qualified Domain Name | Specify the fully qualified domain name. | Text | Optional | This is mandatory for fqdn object type. |
Example Request
[
{
"subnet": "255.255.255.255",
"ip_address": "1.1.1.1",
"object_type": "ipmask",
"address_name": "tes1t193112"
}
]Action: Create Firewall Address IPv6 Group
This action creates an IPv6 address group.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the address group to create. | Text | Required | |
Members | Enter the comma-separated list of service objects (service or service group names). | Any | Required | You can retrieve service names using the action List Firewall Services. You can retrieve service group names using the action List Firewall Service Groups. |
Extra Fields | Enter the extra fields to create the group. | Key value | Optional | Allowed keys: uuid, color, comment, exclude, exclude-member, tagging, fabric-object NoteEnsure to include at least one extra field to make the request. |
Example Request
[
{
"name": "Test",
"extra_fields": {
"color": "10",
"member": [
{
"name": "Testnew"
}
]
}
}
]Action: Create Firewall Address IPv6 Multicast
This action creates an IPv6 multicast address.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the address to create. | Text | Required | |
IPv6 Subnet | Enter the IPv6 address prefix in format. | Text | Required | Allowed format: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx |
Extra Data | Enter the extra data to be added. | Key value | Optional | Allowed keys: comment, color, tagging |
Example Request
[
{
"name": "test",
"subnet": "ff08::2",
"extra_data": {}
}
]Action: Create Firewall Policy
This action creates a firewall policy that define the direction of traffic, the processing method, and the permissions required for traversing the firewall.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
Name | Enter the policy name. | Text | Required | |
Source Interfaces | Enter the comma-separated list of incoming (ingress) interfaces. | List | Required | |
Destination Interfaces | Enter the comma-separated list of incoming (egress) interfaces. | List | Required | |
Action | Specify the action to accept or deny sessions that match the firewall policy. | Text | Required | Allowed values: accept and block |
Services | Enter the comma-separated list of service and service group names. | List | Required | You can retrieve this using the action List Firewall Services or List Firewall Service Groups. |
Extra Fields | Enter the extra parameters to create the firewall policy. | Key value | Optional | Allowed keys: vdom, description, source, source6, destination, destination6, negate_source_address, negate_destination_address, negate_service, status, log, schedule, nat |
Example Request
[
{
"name": "9.0.7.6",
"action": "accept",
"services": [
{
"name": "ALL"
}
],
"extra_fields": {},
"source_interfaces": [
{
"name": "port1"
}
],
"destination_interfaces": [
{
"name": "port1"
}
]
}
]Action: Create Firewall Service
This action creates a firewall service.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the service to create. | Text | Required | |
Extra Fields | Enter the extra fields to create the service. | Key value | Optional | Allowed keys: uuid, proxy, protocol, category, helper, iprange, fqdn, protocol-number, icmptype, icmpcode, tcp-portrange, udp-portrange, sctp-portrange, tcp-halfclose-timer, tcp-halfopen-timer, tcp-timewait-timer, tcp-rst-timer, udp-idle-timer, session-ttl, check-reset-range, comment, color, app-service-type, app-category, application, fabric-object |
Example Request
[
{
"name": "FirewallService2",
"extra_fields": {}
}
]Action: Create Firewall Service Group
This action creates a firewall service group.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the service group to create. | Text | Required | |
Members | Enter the comma-separated list of service objects (service or service group names). | Any | Required | You can retrieve service names using the action List Firewall Services. You can retrieve service group names using the action List Firewall Service Groups. |
Extra Fields | Enter the extra fields to create the firewall service group. | Key value | Optional | Allowed keys: proxy, comment, color, uuid, fabric-object NoteEnsure to include at least one extra field to make the request. |
Example Request
[
{
"name": "Test23451212",
"members": [
{
"name": "ALL"
}
],
"extra_fields": {
"color": "10"
}
}
]Action: Delete Address Object
This action deletes a network address object.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
Address Object Name | Enter the name of a network address object that you need to delete. Example: new-object-06-21-205118-3 | Text | Required |
Example Request
[
{
"object_name": "new-object-06-21-205118-0"
}
]Action: Delete Firewall Address IPv6 Group
This action deletes an IPv6 address group.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the address group to delete. | Text | Required | You can retrieve this using the action List Firewall Address IPv6 Groups. |
Example Request
[
{
"name": "Test"
}
]Action: Delete Firewall Address IPv6 Multicast
This action deletes an IPv6 multicast address.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the address to delete. | Text | Required | You can retrieve this using the action List Firewall Address IPv6 Multicasts. |
Example Request
[
{
"name": "test"
}
]Action: Delete Firewall Policy
This action deletes a firewall policy.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Policy ID | Enter the ID of the policy to delete. | Text | Required | You can retrieve this using the action List Firewall Policies. |
Example Request
[
{
"policy_id": "12"
}
]Action: Delete Firewall Service
This action deletes a firewall service.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the service to delete. | Text | Required | You can retrieve this using the action List Firewall Services. |
Example Request
[
{
"name": "FirewallService1"
}
]Action: Delete Firewall Service Group
This action deletes a firewall service group.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the service group to delete. | Text | Required | You can retrieve this using the action List Firewall Service Groups. |
Example Request
[
{
"name": "Test23451212"
}
]Action: Get Address Group By Name
This action fetches information about an address group based on the address group name.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Address Group Name | Enter the name of the address group using which you can retrieve the address group details. | Text | Required |
Example Request
[
{
"address_group_name": "new-object-06-21-205118-3"
}
]Action: Get All Address Objects
This action fetches all the address objects in the environment.
Action Input Parameters
This action does not require any input parameters.
Action: Get Address Object By Name
This action fetches information about an address object based on the address object name.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Address Object Name | Enter the name of the address object to retrieve using which you can retrieve the address object details. | Text | Required |
Example Request
[
{
"address_name": "new-object-06-21-205118-0
}
]Action: List Banned IPs
This action lists all the banned IPv4 and IPv6 addresses.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Filters | Enter the filters to narrow down the response. | Key value | Optional |
Example Request
[
{
"filters": {}
}
]Action: List Firewall Address IPv6 Groups
This action lists all the IPv6 address groups.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the specific address group to retrieve. | Text | Optional | Default value is None. |
Filters | Enter the filters to narrow down the response. | Key value | Optional | Allowed keys: attr, count, acs, skip_to, search, scope, datasource, with_meta, skip, format, action, vdom |
Example Request
[
{
"filters": {}
}
]Action: List Firewall Address IPv6 Multicasts
This action lists all the IPv6 multicast addresses.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the specific multicast address to retrieve. | Text | Optional | Default value is None. |
Filters | Enter the filters to narrow down the response. | Key value | Optional | Allowed keys: attr, count, acs, skip_to, search, scope, datasource, with_meta, skip, format, action, vdom |
Example Request
[
{
"filters": {}
}
]Action: List Firewall Policies
This action lists firewall policies.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Policy ID | Enter the ID of the policy to get a particular policy response. | Text | Optional | |
Filters | Enter the filters to narrow down the response. | Key value | Optional | Allowed keys: attr, count, skip_to, acs, search, scope, datasource, with_meta, skip, format, action, vdom |
Example Request
[
{
"filters": {},
"policy_id": "6"
}
]Action: List Firewall Service Groups
This action lists all firewall service groups.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the service group name to retrieve the specific service group. | Text | Optional | Default value is None. |
Filters | Enter the filters to narrow down the response. | Key value | Optional | Allowed keys: attr, count, skip_to, acs, search, scope, datasource, with_meta, skip, format, action, vdom |
Example Request
[
{
"filters": {}
}
]Action: List Firewall Services
This action lists all the firewall services.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the service to retrieve the specific service. | Text | Optional | Default value is None. |
Filters | Enter the filters to narrow down the response. | Key value | Optional | Allowed keys: acs, attr, count, skip_to, search, scope, datasource, with_meta, skip, format, action, vdom |
Example Request
[
{
"filters": {}
}
]Action: List System VDOMs
This action lists all the virtual domains.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the virtual domain name to retrieve a particular virtual domain. | Text | Optional | |
Filters | Enter the filters to narrow down the response. | Key value | Optional | Allowed keys: attr, count, acs, skip_to, search, scope, datasource, with_meta, skip, format, action, vdom |
Example Request
[
{
"filters": {}
}
]Action: Move Firewall Policy
This action moves the position of firewall policies.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Policy ID | Enter the ID of the policy to move. | Text | Required | You can retrieve this using the action List Firewall Policies. |
Position | Specify the position to place the policy relative to its neighbor, indicating whether to position it before or after. | Text | Required | Allowed values: before, after |
Neighbor | Enter the ID of the neighboring policy. | Text | Required | You can retrieve this using the action List Firewall Policies. |
Example Request
[
{
"neighbor": "10",
"position": "after",
"policy_id": "8"
}
]Action: Unban IP
This action restores access for a specified IP address.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
IP Address | Enter the comma-separated list of IP addresses (IPv4 or IPv6) to restore access. | List | Required | You can retrieve this using the action List Banned IPs. |
Example Request
[
{
"ip_addresses": [
"1.1.1.1"
]
}
]Action: Update Address Group
This action adds or removes an address object to the address group based on the address group name.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Address Group | Enter the name of the address group to update. | Text | Required | |
Want to Remove | Choose true to remove the address data. | Boolean | Required | Allowed values:
|
Address Name | Enter the name of address object to add to or remove from address group. | Text | Optional |
Example Request
[
{
"address_group_name": "new-object-06-21-205118-0",
"remove": true,
"address_name": "new-object-06-21-205118-3"
}
]Action: Update Address Object
This action updates an existing address object with the provided data such as IP address or IP range.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Address Object Name | Enter the name of the address object to update. Example: new-object-06-21-205118-3 | Text | Required | You can also pass additional parameters to the action such as Object Type, IP address, Subnet, Start of IP Range, End of IP Range, and Fully Qualified Domain Name. |
Example Request
[
{
"ip_address": "44.33.22.11",
"address_name": "new-object-06-21-205118-0"
}
]Action: Update Firewall Address IPv6 Group
This action updates an IPv6 address group.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the address group to update. | Text | Required | You can retrieve this using the action List Firewall Address IPv6 Groups. |
Extra Fields | Enter the extra fields to update the group. | Key value | Optional | Allowed keys: uuid, color, comment, exclude, exclude-member, tagging, fabric-object |
Example Request
[
{
"name": "Test",
"extra_fields": {
"color": "11"
}
}
]Action: Update Firewall Address IPv6 Multicast
This action updates an IPv6 multicast address.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the address to update. | Text | Required | You can retrieve this using the action List Firewall Address IPv6 Multicasts. |
Extra Data | Enter any extra fields to update. | Key value | Optional | Allowed keys: comment, color, tagging |
Example Request
[
{
"name": "test",
"extra_data": {
"color": "10"
}
}
]Action: Update Firewall Policy
This action updates a firewall policy.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
Policy ID | Enter the policy ID to update. | Text | Required | You can retrieve this using the action List Firewall Policies. |
Extra Fields | Enter the extra parameters to update the firewall policy. | Key value | Optional | Allowed keys: source_interface, destination_interface, description, status, source, destination, service, schedule, action, log, nat, source6, destination6, negate_source, negate_destination, negate_source6, negate_destination6, negate_service, keep_original_data, add_or_remove, vdom |
Example Request
[
{
"policy_id": "6",
"extra_fields": {
"action": "accept"
}
}
]Action: Update Firewall Service
This action updates a firewall service.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the service to update. | Text | Required | You can retrieve this using the action List Firewall Services. |
Extra Fields | Enter the extra fields to update the service. | Key value | Optional | Allowed keys: uuid, proxy, protocol, category, helper, iprange, fqdn, protocol-number, icmptype, icmpcode, tcp-portrange, udp-portrange, sctp-portrange, tcp-halfclose-timer, tcp-halfopen-timer, tcp-timewait-timer, tcp-rst-timer, udp-idle-timer, session-ttl, check-reset-range, comment, color, app-service-type, app-category, application, fabric-object |
Example Request
[
{
"name": "FirewallService2",
"extra_fields": {
"color": "10"
}
}
]Action: Update Firewall Service Group
This action updates a firewall service group.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the service group to update. | Text | Required | You can retrieve this using the action List Firewall Service Groups. |
Members | Enter the comma-separated list of service objects (service or service group names). | Any | Required | You can retrieve service names using the action List Firewall Services. You can retrieve service group name using the action List Firewall Service Groups. |
Extra Fields | Enter the extra fields to update the firewall service group. | Key value | Optional | Allowed keys: uuid, proxy, comment, color, fabric-object NoteEnsure to include at least one extra field to make the request. |
Example Request
[
{
"name": "Test234512",
"members": [
{
"name": "DNS"
}
],
"extra_fields": {}
}
]