Using the AMC modules

AMC modules

Upload rolled files in Select to compress the log files before uploading. gzipped format

Delete files after Select to remove the log files once the FTP upoad has completed. uploading

Log configuration using the CLI

Configure the FortiGate unit to log to the ASM-S08 using the CLI within the FortiAnalyzer command config log disk setting enable.

For details on log configuration, see the FortiGate CLI Reference.

Viewing logs

Logs and content logs stored on the ASM-S08 are available for viewing and analysis.

To view the FortiGate logs, go to Log&Report > Log Access.

To view the content logs, go to Log&Report > Content Archive. Select the log type and select Local from the list box.

Note: HA logging is not available with the AMC-S08.

ASM-FB4 and ADM-XB2 modules

AMC (Advanced Mezzanine Card) modules provide additional hardware accelerated network processing for certain eligible traffic types passing through their SFP (small form-factor pluggable) network interfaces. This additional processing resource frees FortiGate units’ main processing resources for other tasks, improving network performance.

FortiGate-ASM-FB4 modules can improve network throughput for:

traffic with small packets, such as VoIP

latency-sensitive traffic, such as streaming multimedia

traffic with long session lifetimes, such as FTP

IPSec VPN traffic

active-active HA load-balanced traffic

P2P traffic

Eligible traffic processing is off-loaded to the module. This fast path processing leverages the additional hardware acceleration resources provided by the AMC modules.

Ineligible traffic processing is processed normally. Normal processing by the FortiGate unit’s main processing resources (CPU, RAM, and FortiASIC content processor) can include some FortiASIC hardware accelerated processing, but does not utilize the additional hardware acceleration resources provided by the modules.

Changing interfaces to operate in SGMII or SerDes mode

SFP transceivers can operate in two modes: SerDes and SGMII (Serial Gigabit Media Independent Interface). SGMII mode is required if you have SGMII transceivers. In SGMII mode the interface can operate at 10, 100, or 1000 Mbps.

 

FortiGate-3016B FortiOS 3.0 MR6 Install Guide

42

01-30006-0458-20080318

Page 42
Image 42
Fortinet 3016B manual Log configuration using the CLI, Viewing logs, ASM-FB4 and ADM-XB2 modules

3016B specifications

The Fortinet 3016B is a robust firewall solution designed to meet the dynamic security needs of modern enterprises. As part of the FortiGate product line, the 3016B combines advanced security features with high performance, catering to organizations that require reliability and efficiency in managing their network security.

One of the primary features of the Fortinet 3016B is its high throughput capabilities. It supports up to 40 Gbps of firewall throughput and an impressive 7.5 Gbps of intrusion prevention system (IPS) throughput. This ensures that even at peak network loads, the firewall can maintain strong performance without compromising security. This feature is particularly important for businesses that handle large volumes of data and require seamless connectivity for their operational efficiency.

The 3016B leverages Fortinet's proprietary FortiOS operating system, which is known for its user-friendly interface and comprehensive security functionalities. FortiOS includes a variety of tools such as a next-generation firewall (NGFW), antivirus protection, web filtering, and application control, all incorporated into a single platform. This consolidation helps in simplifying management while providing extensive security coverage against a wide array of cyber threats.

Moreover, the Fortinet 3016B incorporates advanced threat intelligence capabilities powered by FortiGuard Labs. This allows the firewall to stay updated with real-time threat feeds, enabling the organization to respond proactively to emerging threats and vulnerabilities. The integration of AI-driven analytics enhances anomaly detection and helps in identifying potential breaches before they can escalate.

Another notable characteristic of the 3016B is its scalability. Designed for medium to large enterprises, it can easily integrate into existing infrastructure and scale as business needs grow. With support for multiple virtual domains (VDOMs), organizations can create isolated environments for different departments or functions, maintaining policy separations while optimizing resource utilization.

In terms of connectivity, the Fortinet 3016B offers various interfaces, including multiple 1G and 10G Ethernet ports, ensuring flexible deployment options. The device also supports high availability (HA) configurations, which provide redundancy and minimize downtime.

Overall, the Fortinet 3016B is an exceptional solution that combines superior security features with high performance and scalability, making it a prime choice for organizations looking to strengthen their network security posture without sacrificing efficiency. With its comprehensive capabilities, it empowers businesses to tackle today’s cybersecurity challenges effectively.