I have a client which has FG-600 and X430 access switches with Netsight & NAC.
What benefits could I get from Forti & Extreme integration in this case? If it's still possible...
The FortiGate solutions are actually 2 integrations.
The first integration is the single sign-on which uses RADIUS accounting. The integration uses the ExtremeControl notification engine and listens for end system updates. When an end system that has a username and IP address transitions to an accept state, we send a RADIUS accounting start message to the FortiGate to start the session. When the end system transitions to the disconnected state, we send a RADIUS accounting stop message to end the session. We have the option to send the RADIUS accounting interim message to keep the session alive.
The Fortinet filtering rules are accomplished by adding a RADIUS attribute called profile. The value of profile is the ExtremeControl profile name. This creates a mapping in the FortiGate where the ExtremeControl profile name is associated to a user group. Filtering rules can now be created where rules are applied to specific user groups.
The 2nd integration is the distributed IPS. This solution is generic and works with multiple firewalls. It's an event-driven solution that relies on matching a regular expression with the event message. When a regular expression match is found, we parse out the threat IP, threat MAC, or threat name and take action. Currently the action is adding the threat to an end system group and applying different network access for the device.
Hope that helps and makes sense.
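The accept/disconnect to accounting start/stop mapping from the first integration, as an added example that is not part of the original answer or either vendor's code. It builds RFC 2866 Accounting-Request packets and checks them as a receiver would; the state names, carrying the profile name in the Class attribute, and all sample values are assumptions.

```python
import hashlib
import hmac
import socket
import struct

# RFC 2865/2866 attribute types and Acct-Status-Type values
USER_NAME, FRAMED_IP, CLASS, ACCT_STATUS, ACCT_SESSION_ID = 1, 8, 25, 40, 44
START, STOP, INTERIM = 1, 2, 3
# End-system state -> accounting record (state names are assumptions)
STATE_TO_STATUS = {"ACCEPT": START, "DISCONNECTED": STOP}

def attr(attr_type, value):
    """Encode one attribute as type, length, value."""
    return struct.pack("!BB", attr_type, len(value) + 2) + value

def accounting_request(status, user, ip, profile, session_id, secret, ident=1):
    """Build an Accounting-Request (code 4) with its Request Authenticator."""
    attrs = b"".join([
        attr(ACCT_STATUS, struct.pack("!I", status)),
        attr(USER_NAME, user.encode()),
        attr(FRAMED_IP, socket.inet_aton(ip)),
        attr(CLASS, profile.encode()),  # assumption: profile name carried in Class
        attr(ACCT_SESSION_ID, session_id.encode()),
    ])
    header = struct.pack("!BBH", 4, ident, 20 + len(attrs))
    # RFC 2866: MD5(code + id + length + 16 zero octets + attributes + secret)
    auth = hashlib.md5(header + bytes(16) + attrs + secret).digest()
    return header + auth + attrs

def on_state_change(state, **session):
    """Return the packet to send for an end-system transition, or None."""
    status = STATE_TO_STATUS.get(state)
    return accounting_request(status, **session) if status else None

def verify_and_parse(packet, secret):
    """Receiver side: check the authenticator, then return attributes by type."""
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code != 4 or length != len(packet) or length < 20:
        raise ValueError("not a well-formed Accounting-Request")
    expected = hashlib.md5(packet[:4] + bytes(16) + packet[20:] + secret).digest()
    if not hmac.compare_digest(expected, packet[4:20]):
        raise ValueError("bad authenticator (wrong shared secret or tampering)")
    attrs, pos = {}, 20
    while pos + 2 <= length:
        attr_type, attr_len = packet[pos], packet[pos + 1]
        if attr_len < 2:
            raise ValueError("invalid attribute length")
        attrs[attr_type] = packet[pos + 2:pos + attr_len]
        pos += attr_len
    return attrs
```

Because the firewall's user-to-IP mapping is driven entirely by these packets, the shared secret and the list of permitted accounting senders are what keep another host from asserting an identity for an address.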