FortiGate-500 安装和配置指南 2.50

日志和报告

您可以将 FortiGate 设备配置为记录网络的各种活动,从常规配置的改变和通讯会 话直到紧急事件。您还可以将 FortiGate 设备配置为发送警报邮件消息以提系统管 理员当前发生的事件,例如网络攻击,病毒入侵以及防火墙和 VPN 事件。

本章描述了以下内容: ·记录日志 ·过滤日志消息 ·配置通讯日志 ·查看记录到内存的日志

·查看和管理保存在硬盘上的日志 ·配置报警邮件

记录日志

通过配置日志可以在以下一个或多个地点记录日志:

·运行系统日志服务的电脑。

·运行 WebTrends 防火墙报告服务的电脑。

·FortiGate 的硬盘 (如果您的 FortiGate 内装有硬盘)。 ·控制台。

如果您的 FortiGate 设备没有配备硬盘,您也可以将日志配置为将事件、攻击、防 病毒、网页过滤和电子邮件过滤日志记录到 FortiGate 系统内存。把日志记录到内 存允许快速地访问最近记录的日志条目。如果 FortiGate 重新启动,所有的日志条目 会丢失。

您可以将不同级别的日志记录到不同的位置。例如,您可能希望只将紧急消息和警 报消息记录到 FortiGate 内存,而将其他级别的消息记录到一个远程计算机上。

关于过滤日志类型和 FortiGate 设备记录日志的方式的详细信息,请见 第 244

过滤日志消息。关于通讯日志的信息,请见 第 245 页 配置通讯日 志

本节描述了以下内容:

·在远程电脑上记录日志

·在 NetIQ WebTrends 服务器上记录日志 ·将日志记录到 FortiGate 硬盘 ·将日志记录到系统内存

FortiGate-500 安装和配置指南

241

Page 253
Image 253
Fortinet 500 manual 记录日志, 241, ·查看和管理保存在硬盘上的日志 ·配置报警邮件, 过滤日志消息 。关于通讯日志的信息,请见 第 245 页 配置通讯日 志 。

500 specifications

Fortinet 500 is a next-generation firewall (NGFW) that is part of Fortinet's acclaimed FortiGate family, designed to provide advanced security for medium to large enterprises. This appliance is known for its high performance, flexibility, and ability to protect networks from a variety of cyber threats through its robust features and technologies.

One of the main features of the Fortinet 500 is its integrated security capabilities. It combines multiple security functions into a single device, allowing organizations to manage everything from intrusion prevention and antivirus to web filtering and application control. This integration leads to simplified management and increased efficiency, as users can address multiple security needs without deploying multiple devices.

The Fortinet 500 runs on the FortiOS operating system, which is known for its simplicity and user-friendliness. FortiOS provides a centralized management interface that allows for the easy configuration and monitoring of security policies across the entire network. Additionally, the Fortinet management tools, such as FortiManager and FortiAnalyzer, enable detailed insights and reporting capabilities, helping organizations stay compliant with their security mandates.

Another characteristic that sets Fortinet 500 apart is its advanced threat intelligence, powered by the FortiGuard Labs. This global threat intelligence system continuously updates the firewall with the latest threat signatures and attack vectors, ensuring that organizations stay ahead of emerging threats. The firewall also employs machine learning and artificial intelligence to detect and mitigate sophisticated attacks in real-time.

Performance is crucial in any security appliance, and the Fortinet 500 does not disappoint. With hardware acceleration and purpose-built security processors, it delivers high throughput levels, enabling organizations to maintain productivity without sacrificing security. This level of performance is particularly beneficial in environments with heavy traffic and bandwidth demands.

In addition to these core features, the Fortinet 500 supports seamless integration with other security solutions within the Fortinet Security Fabric. This comprehensive approach allows for greater visibility and control over the entire security posture of an organization.

Overall, the Fortinet 500 is a powerful NGFW that offers a blend of advanced security features, ease of management, top-notch performance, and robust threat intelligence. Its ability to adapt to the ever-evolving landscape of cybersecurity makes it a valuable asset for businesses seeking to safeguard their digital assets and ensure seamless network operation.