Fortinet
3.0 MR7 manual
234 pages, 4.75 Mb
www.fortinet.com
FortiAnalyzer
Version 3.0 MR7
ADMINISTRATION GUIDE
Contents
What's new for 3.0 MR7
Administrative Domains (ADOMs)
Content Archive
Network Analyzer
Managing firmware versions
Appendix: FortiAnalyzer reports in 3.0 MR7
Introduction
About this document
Fortinet documentation
Fortinet Tools and Documentation CD
Fortinet Knowledge Center
Comments on Fortinet technical documentation
Customer service and technical support
What's new for 3.0 MR7
3.0 MR7 new features and changes
Power supply monitoring for FortiAnalyzer-2000A and 4000A
Registered devices hard limits
CLI displays the tasks in the upload queue
Dashboard enhancements
Custom fields for log messages
Reports
Report configuration enhancements
VoIP reports
Alert email configuration changes
Administrative Domains (ADOMs)
About administrative domains (ADOMs)
Configuring ADOMs
Accessing ADOMs as the admin administrator
Assigning administrators to an ADOM
System
Dashboard
Tabs
RAID Monitor
System Information
Rebuilding icon
Setting the time
Changing the host name
Changing the firmware
License Information
System Resources
Viewing operational history
System Operation
Formatting the log disks
Resetting to the default configuration
Alert Message Console
Viewing alert console messages
Statistics
Viewing session information
Filtering session information
Report Engine
Log Receive Monitor
Intrusion Activity
Virus Activity
Top FTP Traffic
Top Email Traffic
Top IM/P2P Traffic
Top Traffic
Top Web Traffic
3 Enter the appropriate information for the following:
4 Select OK.
Network
Interface
Changing interface settings
About Fortinet Discovery Protocol
DNS
Routing
Adding a route
Admin
Adding or editing an administrator account
3 Configure the following options and select OK.
Changing an administrator's password
Access Profile
Auth Group
RADIUS Server
Administrator Settings
Monitor
Network Sharing
Adding share users
Adding share groups
Configuring Windows shares
Assigning user permissions
Configuring NFS shares
Default file permissions on NFS shares
Config
Automatic file deletion and local log settings
Configuring log aggregation
Configuring an aggregation client
Configuring an aggregation server
Configuring log forwarding
Configuring IP aliases
Importing an IP alias list file
IP alias ranges
Configuring RAID
RAID levels
Hot swapping hard disks
Hot swapping the FortiAnalyzer-2000/2000A and FortiAnalyzer-4000/4000A
Configuring RAID on the FortiAnalyzer-400 and FortiAnalyzer-800/800B
Configuring RAID on the FortiAnalyzer-2000/2000A and FortiAnalyzer-4000/4000A
Configuring LDAP connections
Maintenance
Backup & Restore
FortiGuard Center
Device
Viewing the device list
Maximum number of devices
Unregistered vs. registered devices
Configuring unregistered device connection attempt handling
or the following options for unknown device types:
Manually adding a device
Classifying FortiGate network interfaces
Manually adding a FortiGate unit using the Fortinet Discovery Protocol (FDP)
Blocking device connection attempts
Configuring device groups
Log
Viewing log messages
Viewing current log messages
Viewing historical log messages
Column Settings
Browsing log files
Viewing log file contents
Importing a log file
Downloading a log file
Customizing the log view
Searching the logs
Search tips
Printing the search results
Downloading the search results
Rolling and uploading logs
Content Archive
Viewing content archives
Customizing the content archive view
Searching full email content archives
Reports
Configuring reports
Configuring report layout
Configuring report schedules
Configuring data filter templates
4 Select OK.
Configuring report output templates
Configuring language
Browsing reports
Quarantine
Viewing quarantined files
Alert
Alert Events
Adding an alert event
3 Configure the following options:
Output
Configuring alerts by email server
Testing the mail server configuration
Configuring SNMP traps and alerts
Adding an SNMP server
FortiAnalyzer SNMP support
Configuring alerts by Syslog server
Adding a Syslog server
Network Analyzer
Connecting the FortiAnalyzer unit to analyze network traffic
Viewing Network Analyzer log messages
Viewing current Network Analyzer log messages
Viewing historical Network Analyzer log messages
Browsing Network Analyzer log files
Viewing Network Analyzer log file contents
Downloading a Network Analyzer log file
Customizing the Network Analyzer log view
Searching the Network Analyzer logs
Search tips
Printing the search results
Downloading the search results
Rolling and uploading Network Analyzer logs
Tools
Preparing for the vulnerability scan job
Preparing Windows target hosts
Preparing Unix target hosts
Viewing vulnerability scan modules
Configuring vulnerability scan jobs
To configure a vulnerability scan job
1 Go to Tools > Vulnerability Scan > Job.
3 Complete the following:
4 Select the blue arrow to expand Scan Option.
5 Complete the following:
Viewing vulnerability scan reports
File Explorer
Managing firmware versions
Backing up your configuration
Backing up your configuration using the web-based manager
Backing up your configuration using the CLI
Backing up your log files
Testing firmware before upgrading
Upgrading your FortiAnalyzer unit
Upgrading to FortiAnalyzer 3.0
Upgrading using the web-based manager
Upgrading using the CLI
Verifying the upgrade
Reverting to a previous firmware version
Downgrading to FortiLog 1.6
Verifying the downgrade
Downgrading to FortiLog 1.6 using the CLI
Restoring your configuration
Restoring configuration settings on a FortiAnalyzer unit
Restoring your configuration settings using the web-based manager
Restoring your configuration settings using the CLI
Appendix: FortiAnalyzer reports in 3.0 MR7
FortiGate reports
Intrusion Activity
The FortiAnalyzer 3.0 MR6 report, Top Attack Sources, did not change in FortiAnalyzer 3.0 MR7.
Antivirus Activity
Webfilter Activity
Antispam Activity
IM Activity
VoIP reports
The following table contains the new VoIP reports that are available in FortiAnalyzer 3.0 MR7.
Content Activity
Network Activity
Web Activity
Mail Activity
FTP Activity
Terminal Activity
VPN Activity
Event Activity
The report, Top Event Categories by Status, was removed.
P2P Activity
Audit Activity
Summary Reports
The following reports remain unchanged but are moved to a new category in FortiAnalyzer 3.0 MR7:
Forensic Reports
Audit
Detailed
The report, Top Client Requests to Permitted Sites, was removed.
Summary
FortiMail Reports
The following tables explain what FortiMail reports changed in FortiAnalyzer 3.0 MR7.
Mail High Level
Mail Sender
Mail Recipient Activity
Mail Destination IP
Spam Sender
Spam Recipient
Spam Destination IP
Virus Sender
Virus Recipient
Virus Destination IP
FortiClient Reports
Index