# Fortinet FortiGate

Fortinet FortiGate is a next-generation firewall platform that inspects perimeter and internal traffic to block threats such as exploit attempts, malware delivery, command-and-control callbacks, and policy violations. Connecting FortiGate forwards firewall and threat syslog to Radiant Security through the Radiant Agent. Radiant uses the syslog data to triage firewall and threat alerts in context, giving analysts faster verdicts on whether observed traffic reflects a real compromise or routine network activity.

{% hint style="info" %}
To aggregate FortiGate logs through FortiAnalyzer before forwarding, refer to [Fortinet FortiAnalyzer](/radiant-connectors/data-connectors/fortinet/fortinet-fortianalyzer.md).
{% endhint %}

### Prerequisites

* [ ] FortiGate administrator access with permission to configure logging from the CLI
* [ ] A deployed [Radiant Agent](/radiant-connectors/data-connectors/install-the-radiant-security-agent.md) reachable from each FortiGate firewall
* [ ] Administrator role in Radiant Security

### Add the data connector in Radiant Security

1. Log in to [Radiant Security](https://app.radiantsecurity.ai/).
2. From the navigation menu, click **Settings** > **Data Connectors**, then click **+ Add Connector**.
3. Search for and select **Radiant Agent**, then click **Data Feeds**.
4. Under **Select your data feeds**, select **Fortinet Fortigate v7**, then click **Credentials**.
5. Under **Credential Name**, enter an identifiable name for the Radiant Agent integration (e.g., `Radiant Agent integration`). To reuse an existing Radiant Agent credential, select it from the drop-down menu.
6. Click **Add Connector**.

### Configure FortiGate to forward syslog

Before starting, confirm the IP address of the Radiant Agent and the port configured to receive FortiGate data. If you do not know the port, contact your Customer Success representative. For Fortinet's reference, see [Log settings and targets](https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/250999/log-settings-and-targets).

Apply this configuration on every FortiGate firewall that should forward syslog to Radiant.

1. Log in to the FortiGate CLI.
2. Configure the syslog destination. Replace `<RADIANT_AGENT_IP>` with the IP address of the Radiant Agent and `<PORT>` with the port configured on the agent to receive FortiGate data:

```jsx
config log syslogd setting
    set status enable
    set server <RADIANT_AGENT_IP>
    set mode reliable
    set port <PORT>
    set enc-algorithm disable
end
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.radiantsecurity.ai/radiant-connectors/data-connectors/fortinet/fortinet-fortigate.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.