Fortigate MCP

37 tools. 3 can modify or destroy data without limits.

3 write tools that can modify data. Rate limits recommended.

Last updated:

3 can modify or destroy data
34 read-only
37 tools total

Community server · catalogue entry verified 02/07/2026

How to control Fortigate MCP ↓

What Fortigate MCP exposes to your agents

Read (34) Write / Execute (3) Destructive / Financial (0)
High Risk

The most dangerous Fortigate MCP tools

3 of Fortigate MCP's 37 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Fortigate MCP

PolicyLayer is an MCP gateway — it sits between your AI agents and Fortigate MCP, and nothing reaches the server without passing your rules. These are the rules we recommend:

Rate limit write operations
{
  "fortigate_export_readonly_snapshot": {
    "limits": [
      {
        "counter": "fortigate_export_readonly_snapshot_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "fortigate_compare_snapshots": {
    "limits": [
      {
        "counter": "fortigate_compare_snapshots_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Fortigate MCP — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON FORTIGATE →

Instant setup, no code required.

All 37 Fortigate MCP tools

READ 34 tools
Read fortigate_compare_snapshots Compare two local read-only snapshot JSON files exported by this MCP. Read fortigate_explain_flow fortigate_explain_flow Read fortigate_find_policy_by_ip Find firewall policies that reference address objects containing an IPv4 address. Read fortigate_find_policy_for_flow Find candidate firewall policies for a source/destination/protocol flow. Read fortigate_get_admin_access_surface Audit Fortigate administrative exposure from interfaces, admin accounts, and local-in policy. Read fortigate_get_auth_attack_summary Review recent event logs for admin/SSL-VPN username-password failures. Read fortigate_get_dynamic_routing_status Return BGP/OSPF runtime status and routing database views where available. Read fortigate_get_external_attack_surface Summarize externally reachable Fortigate services and published internal services. Read fortigate_get_firewall_policies Run 'show firewall policy' on the Fortigate and return firewall policy configuration. Read fortigate_get_interface_health Return link/speed/duplex/drop health for physical Fortigate interfaces. Read fortigate_get_interfaces Run 'get system interface' on the Fortigate and return interface state/configuration. Read fortigate_get_ipsec_vpns Return IPsec tunnel status and phase1/phase2 VPN configuration. Read fortigate_get_local_in_policy Return local-in firewall policy config for traffic destined to the Fortigate itself. Read fortigate_get_nat_overview Return DNAT/VIP, VIP groups, IP pools, central SNAT, and firewall NAT policy references. Read fortigate_get_policy_risk_summary Summarize firewall policy risks such as broad objects, service ALL, disabled logging, and disabled rules. Read fortigate_get_policy_routes Return policy-based routing rules that can override normal routing-table lookup. Read fortigate_get_proxy_policy_overview Return explicit-proxy and access-proxy policy configuration that can affect proxied traffic. Read fortigate_get_public_exposure List VIP/public NAT exposure and firewall policies that reference VIP objects. Read fortigate_get_recent_errors Review recent event logs and summarize warning/error/failure patterns. Read fortigate_get_routes Run 'get router info routing-table all' on the Fortigate and return the routing table. Read fortigate_get_sdwan_status Return SD-WAN runtime status and configuration if SD-WAN is available on the Fortigate. Read fortigate_get_security_profiles_overview Show security profiles referenced by firewall policies plus UTM profile definitions. Read fortigate_get_ssl_vpn_lan_connections Show current LAN destinations reached by connected SSL-VPN users. Read fortigate_get_ssl_vpn_users Run 'get vpn ssl monitor' and return currently connected SSL-VPN users. Read fortigate_get_system_status Run 'get system status' on the Fortigate and return version/license/uptime details. Read fortigate_get_traffic_controls Return DoS policies, traffic shapers, and per-IP shapers that can drop or rate-limit traffic. Read fortigate_get_vpn_error_summary Summarize IPsec/SSL-VPN tunnel state and recent VPN-related error logs. Read fortigate_get_vpn_overview Return SSL-VPN users and IPsec tunnel status in one concise view. Read fortigate_list_allowed_commands List predefined read-only Fortigate commands supported by this MCP server. Read fortigate_lookup_route_for_ip fortigate_lookup_route_for_ip Read fortigate_run_audit_readonly fortigate_run_audit_readonly Read fortigate_search_logs Search recent Fortigate logs with bounded execute log filters. Read fortigate_search_traffic_logs Search bounded traffic logs by fields such as srcip, dstip, policyid, service, action, or dstport. Read fortigate_trace_session fortigate_trace_session

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about Fortigate MCP

How do I prevent bulk modifications through Fortigate MCP? +

The Fortigate MCP server has 1 write tools including fortigate_export_readonly_snapshot. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Fortigate MCP.

How many tools does the Fortigate MCP server expose? +

37 tools across 3 categories: Execute, Read, Write. 34 are read-only. 3 can modify, create, or delete data.

How do I enforce a policy on Fortigate MCP? +

Register the Fortigate MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Fortigate MCP tool call.

Deterministic rules across all 37 Fortigate MCP tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

37 Fortigate MCP tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.