Initial Setup of FortiDeceptor 1000F

Today I recieved my FortiDeceptor 1000F Appliance. For those who are not familiar with the product, it is deception technology (hence the name). It is essentially a honey-pot on steroids. It spins up “fake” Windows and Linux devices and reports when people attempt to access the resources. This reduces the dwell time of a breach. I heard the roadmap and I am excited about the solution. I had some issues with the initial config because I did not RTFM. So I deceded to write a blog post about it. Here is the skinny. There IS a management port, however it is not in use. DO NOT bother plugging anything into it as it will not work. No 192.168.1.99 on the mgmt port. However, there is ports 1-8 (4 Copper and 4 SFP).

As you can see in the screenshot above, 192.168.1.99 DOES in fact exist but it is assigned to port2.

The CLI is not the full FortiOS you are used to. This is v1.0 so approach with caution. The USB ports are not functional at this time either. The console, thankfully is there for us CLI Jockeys.

To change the IP address, you can console into the box. Username is ‘admin’ password is blank (as in, no password).

Very simple command to change the IP address. No need to go into any ‘config’ mode. The ONLY port you will be able to connect to via HTTPS, will be port1 so make sure you are using it. Don’t be lazy like me and plug into port 2 thinking you are going to hit it on https://192.168.1.99.

Once you have the IP on it that you want, you can connect via the browser.

 

Once you log into the GUI, please create a password for the admin account. NOTE: The password change is not your standard ‘password change’ dialog. You will see now…

 

On the top right corner, click on ‘admin’ and choose ‘Change Password’

 

This is the differences I was saying. Usually, you put the ‘old password’ first and then the new one with the confirmation. On the FDC, it is the opposite.

This will get you going. Expect a follow up post on the FDC.