Home
Fortinet
Measuring Instruments
FortiAnalyzer-100A
Fortinet FortiAnalyzer-100A User Manual
5
of 1
of 1 rating
162 pages
Give review
Manual
Specs
To Next Page
To Next Page
Loading...
www.fortinet.com
FortiA
na
l
yz
er
V
ersion 3.0 MR3
ADMINISTRA
TION GUIDE
2
Table of Contents
Default Chapter
3
Table of Contents
3
Introduction
11
The Fortianalyzer Unit
11
Fortianalyzer-100A/100B
11
Fortianalyzer-400
12
Fortianalyzer-800
12
Fortianalyzer-2000
13
Fortianalyzer-4000
13
Fortianalyzer-4000A
13
Fortianalyzer Features
14
Reporting
14
Data Mining
14
Network Analyzer
14
Log Viewer
15
Real-Time Log Viewing
15
Log Aggregation
15
Quarantine
15
Network Attached Storage
15
About this Guide
15
Fortianalyzer Documentation
16
Fortinet Tools and Documentation CD
17
Fortinet Knowledge Center
17
Comments on Fortinet Technical Documentation
17
Customer Service and Technical Support
17
Installing the Fortianalyzer Unit
19
Planning the Installation
19
Connecting the Fortianalyzer Unit
20
Environmental Specifications
20
Air Flow
20
Mechanical Loading
20
Connecting to the Network
20
Configuring the Fortianalyzer Unit
21
Using the Web-Based Manager
23
Using the Command Line Interface
24
Using the Front Panel Buttons and LCD
25
Upgrading the Fortianalyzer Firmware
25
Backing up the Fortianalyzer Hard Disk
26
Shutting down the Fortianalyzer Unit
26
Configure the Fortianalyzer Unit
27
Dashboard
27
System Information
28
System Resources
28
License Information
29
Alert Message Console
29
Statistics
29
Report Engine
29
Automatic Refresh Interval
29
System Operation
29
Viewing Operational History
30
Viewing Session Information
30
Filtering Session Information
31
Viewing Alert Messages
31
Setting the Time
32
Restore Factory Default System Settings
32
Format the Log Disks
33
Restoring a Fortianalyzer Unit
33
Restoring a Fortianalyzer-100 or Fortianalyzer-400
33
Restoring a Fortianalyzer-100A/100B, 800, 2000 and 4000/4000A
34
Changing the Firmware
35
Changing the Host Name
36
Network Settings
36
Interface
36
Changing the Interface Settings
37
About Fortidiscovery
37
Dns
38
Routing
38
Adding a Route
38
Administrator Settings
39
Adding a New Administrator
39
Changing the Administrator Password
40
Access Profile
40
Auth Groups
41
RADIUS Server
42
Administrator Settings
42
Monitor
42
Administrative Domains
43
Enabling Administrative Domains
43
Disabling Administrative Domains
44
Configuring ADOM Settings
44
Creating a New ADOM
45
Adding a Device to an ADOM
45
Network Sharing
45
Adding Users
46
Adding Groups
46
Configuring Windows Shares
46
Assigning User Access
47
Configuring NFS Shares
48
Setting Folder and File Privileges
49
Configuring the Fortianalyzer Unit
49
Log Settings
50
Log Aggregation
51
Configuring an Aggregation Client
52
Configuring an Aggregation Server
53
IP Aliases
53
Importing an IP Alias List File
53
IP Alias Ranges
54
Raid
54
Configuring RAID on the Fortianalyzer-400 and Fortianalyzer-800
54
Configuring RAID on the Fortianalyzer-2000 and Fortianalyzer-4000/4000A
55
Maintenance
57
Backup & Restore
57
Update Center
58
RAID Levels
59
Linear
60
Raid 0
60
Raid 1
60
Raid 5
60
Raid 10
61
Raid 50
61
RAID 5 and RAID 10 with Hot Spare
61
Hot Swapping Hard Disks
61
Hot Swapping in the Fortianalyzer-400 and Fortianalyzer-800
61
Hot Swapping the Fortianalyzer-2000 and Fortianalyzer-4000/4000A
62
Devices
65
Devices List
65
Device Interaction with a Fortianalyzer Unit
66
Maximum Allowed Devices
66
Unregistered Device Options
67
Fortigate Units Connecting with Fortidiscovery
67
Unknown Devices Connecting to the Fortianalyzer Unit
68
Adding a Fortigate Unit
68
Defining Fortigate Port Interfaces
70
Adding an HA Cluster
70
Adding Forticlient Installations
71
Adding a Fortimanager Unit
72
Adding a Syslog Server
73
Device Groups
74
Blocked Devices
74
Viewing Blocked Devices
75
Logs
77
Log Viewer
77
Real-Time Log Viewer
77
Historical Log Viewer
78
Browse
80
Browsing Log Files
81
Importing a Log File
82
Downloading a Log File
82
Customizing the Log View
83
Customizing the Log Column Views
83
Filtering Logs
84
Filtering Tip
84
Search the Logs
84
Basic Search
85
Advanced Search
85
Search Tips
86
Printing the Search Results
86
Log Rolling
86
Content Archive
89
Content Viewer
89
Customizing the Content Log View
90
Customizing the Log Column Views
90
Filtering Content Logs
91
Filtering Tip
91
Log Rolling
91
Quarantine
95
Configuring Quarantine Settings
95
Viewing the Quarantined Files List
96
Forensic Analysis
97
Users and Groups
97
Adding Users
97
Creating Groups
98
Lookup
98
Where Does Fortianalyzer Get this Information
99
Searching User Data
100
Saving Search Results
100
Local Archive
101
Forensic Reports
101
Configuring Reports
101
Customizing the Report Properties
102
Configuring the Report Criteria
102
Configuring the Time Period
104
Configuring the Report Types
104
Configuring the Report Output
104
Viewing Forensic Reports
106
Traffic Summary and Security Events
107
Traffic Summaries
107
Top Users
107
Viewing Web Traffic
107
Viewing Email Traffic
108
Viewing FTP Traffic
109
Viewing Instant Messaging and P2P Traffic
109
Filtering Traffic Summaries
110
Filtering Tip
111
Device Summary
111
Traffic Report
112
Configuring a Traffic Report
112
Viewing Traffic Summary Reports
112
Security Event Summaries
113
Adding a Security Event Report
113
Viewing the Security Event Reports
113
Viewing Virus Activity
114
Viewing Intrusion Activity
115
Viewing Suspicious Activity
116
Viewing Administrative Activities
117
Reports
119
Configuring Reports
119
Configuring a Report Profile
120
Customizing the Report Properties
121
Configuring the Report Devices
122
Configuring the Report Scope
122
Configuring the Report Types
124
Configuring the Report Format
124
Configuring the Report Schedule
125
Configuring the Report Output
125
Browsing Reports
127
Viewing Reports
128
Default Reports
128
Report Types
129
Roll up Report
129
Individual Reports
129
Event Activity Codes
129
Alerts
131
Alert Events
131
Adding an Alert Event
131
Output
132
Mail Server
133
Testing the Mail Server Configuration
133
SNMP Access
133
Adding an SNMP Server
134
Syslog Servers
134
Adding a Syslog Server
135
Fortianalyzer SNMP Support
135
Fortianalyzer Traps
136
Fortigate MIB System Traps
136
Fortigate MIB Logging Traps
136
Fortigate MIB VPN Traps
136
Fortinet MIB System Fields
136
Fortinet Administrator Accounts
136
Fortinet Options
136
Fortinet Active IP Sessions
137
Rfc-1213 (Mib II)
137
RFC-2665 (Ethernet-Like MIB)
137
Network Analyzer
139
Connecting the Fortianalyzer for Analyzing Network Traffic
139
Traffic Viewer
140
Real-Time Traffic Viewer
140
Historical Traffic Viewer
141
Changing the Historical View Criteria
142
Browsing Network Traffic Logs
142
Browsing Network Traffic Log Files
143
Downloading a Network Traffic Log File
144
Customizing the Traffic Analyzer Log View
145
Customizing the Log Column Views
145
Filtering Network Traffic Logs
145
Filtering Tip
146
Search the Network Traffic Logs
146
Basic Search
146
Advanced Search
146
Search Tips
147
Printing the Search Results
147
Log Rolling
147
Vulnerability Scan
151
Modules
151
Jobs
152
Adding a New Vulnerability Scan Job
153
Reports
155
Index
157
5
Based on 1 rating
Ask a question
Give review
Questions and Answers:
Need help?
Do you have a question about the Fortinet FortiAnalyzer-100A and is the answer not in the manual?
Ask a question
Fortinet FortiAnalyzer-100A Specifications
General
Brand
Fortinet
Model
FortiAnalyzer-100A
Category
Measuring Instruments
Language
English
Need help?
General
To Next Page