Manuals / Brands / Computer Equipment / Network Card / Fortinet / Computer Equipment / Network Card

Fortinet FortiLog-100, FortiLog-400, FortiLog-800 Configure Administrator access

1 124

Download 124 pages, 2.28 Mb

Managing the FortiLog unit Config

FortiLog Administration Guide 05-16000-0082-20050115 47

Figure 19:Admin

Configure Administrator access

Configure administrative access to allow remote administration of the FortiLog unit.

However, allowing remote administration could compromise the security of your

FortiLog unit. To improve the security of a FortiLog unit use the following principles

when configuring administrative access:

• Use secure administrator passwords,

• Change these passwords regularly,

• Enable secure administrative access to this interface using only HTTPS or SSH,

• Do not change the system idle timeout from the default value of 5 minutes.

Create New Select Create New to add an administrator account.

Name The login name for the administrator account.

Trusted host The trusted host IP address for the location from which the administrator can

log into the web-based manager. If Trusted Host is 0.0.0.0 the administrator

can log in from any IP address.

Netmask The trusted host netmask for the location from which the administrator can log

into the web-based manager. If Netmask is 0.0.0.0 there is no restriction on the

netmask.

Permission The permission level for the administrator. Permission can be all, read & write,

or read only.

Modify Select Edit to change an administrator account. Select Change Password to

change an administrator account password.

Administrative

Access

Configure administrative access to control how administrators access the

FortiLog unit.

HTTPS To allow secure HTTPS connections to the FortiLog web-based manager.

PING If you want the FortiLog unit to respond to pings. Use this setting to verify your

installation and for testing.

HTTP To allow HTTP connections to the FortiLog web-based manager. HTTP

connections are not secure and can be intercepted by a third party.

SSH To allow secure SSH connections to the FortiLog CLI.

SNMP To allow a remote SNMP manager to request SNMP information by connecting

to this interface.

TELNET To allow Telnet connections to the FortiLog CLI. Telnet connections are not

secure and can be intercepted by a third party.

Contents

Main FortiLog Administration Guide Page Table of Contents 4 Page 6 Introduction 8 Operational Modes Active Mode Introduction Operational Modes FortiLog Administration Guide 05-16000-0082-20050115 9 Figure 3: FortiLog Active mode network architecture Passive Mode Figure 4: FortiLog unit in Passive mode Internet About this guide FortiLog documentation Related documentation FortiGate documentation 12 FortiManager documentation FortiClient documentation FortiMail documentation Fortinet Knowledge Center Customer service and technical support Page Setting up the FortiLog unit Checking the package contents 16 FortiLog-800 Accessories for each model Back Front Hardware specifications Dimensions Planning the installation Connecting the FortiLog unit Configuring the FortiLog unit Using the web-based manager 20 Using the command line interface Page Page Connecting to the FortiLog Unit Sending device logs to the FortiLog unit Configuring FortiGate unit running FortiOS 2.8 24 Configuring FortiGate devices running FortiOS 2.5 Configuring FortiMail devices 26 Configuring the FortiLog unit Adding a device Defining device port interfaces 28 Creating Device Groups Managing the FortiLog unit Status Status Page Changing the FortiLog host name Changing operating modes 32 Viewing system resources information Changing the firmware Installing firmware from a system reboot Page Testing a new firmware image 36 Installing a backup firmware image Page 38 Switching to a backup firmware image Switching to the default firmware image Backing up system settings Downlading the FortiLog debug log 40 Restoring system settings Restore factory default system settings ! RAID 42 Config Network RAID To configure the FortiLog RAID level and check the RAID disk space, go to System > Config > RAID. 44 Log settings Log policy 46 Time Options Admin Configure Administrator access 48 Administrator account levels Administrator options Changing the Administrator password Devices (Active mode) Page Alert Email Server 52 Local Device (Active mode) Creating a new device alert Page Alerts Network Sharing Defining IP aliases Page Reports Creating and generating a report 58 Configuring report parameters Configuring a report query 60 Creating a query profile Selecting the devices for the report Creating a device profile Select filtering options 62 Creating a filter profile Setting a report schedule Creating a report schedule profile Choosing the report destination and format 64 Creating a report destination and format profile Reports on demand Viewing reports Page Vulnerability reports Creating and generating a report 68 Selecting report result parameters Selecting plug-ins Creating a plug-in profile Selecting the scan targets for the report 70 Creating a scan target profile Choosing the report destination and format Creating a report destination and format profile 72 Viewing the vulnerability report Using Logs The Log view interface The log viewer interface provides a means of viewing device log files. Viewing logs The log viewer interface provides a display of log data that you can organize and format. Finding log information Page Importing log files Log Search Log watch (Active mode) Event correlation (Active mode) Page Using the FortiLog unit as a NAS Connecting to the FortiLog file system 82 Providing access to the FortiLog hard disk Selecting a file sharing protocol Adding and modifying user accounts Adding and modifying group accounts Assigning access to folders Page Modifying the user or group folder access Setting folder and file properties FortiLog CLI reference CLI documentation conventions 88 Connecting to the CLI Connecting to the FortiLog-800 console Setting administrative access for SSH or Telnet 90 Connecting to the FortiLog CLI using SSH Connecting to the FortiLog CLI using Telnet ! CLI commands The FortiLog CLI commands include: execute branch get branch set branch unset branch execute branch 92 get branch Use get to display settings, logs, or system information. Page 94 set branch Use set to configure settings, logs, or system information. set alertemail Use set alertemail to configure alert mails. Page Page set console Use set console to set console configuration. 98 set log Use set log to configure log settings Page Page Page Page set NAS 104 set report Use set system to configure the FortiLog system settings. Use set report to configure the FortiLog report settings. set system Page Page Page Page Page 110 unset branch Use unset to remove configuration of alert email, log, and system. Page Page Appendix A: Log Report Types Network Activity Web Activity 114 FTP Activity FTP reports record total FTP access activities including traffic direction, sites and connections. Terminal Activity Terminal activity reports record total Terminal/CLI access activities. Mail activity reports record Email traffic and connections. Mail Activity 116 Intrusion Activity Intrusion activity reports record top network attacks and top attacks by a specific time. Antivirus Activity Web Filter Activity Mail Filter Activity 118 VPN Activity Content Activity Page Page Index A B C D 122 L M N O