FortiAnalyzer Version 3.0 MR3 Administration Guide
66 05-30003-0082-20060925
Devices List Devices
Device interaction with a FortiAnalyzer unit
FortiGate, FortiManager and Syslog devices use the syslog protocol, sending log
packets using udp port 514,when sending log packets to the FortiAnalyzer unit.
When the FortiAnalyzer unit receives the packet, the FortiAnalyzer unit adds the
device to the list of unregistered devices.
Maximum allowed devices
Each FortiAnalyzerunit has a maximum number of device licenses it can support
and still provide effective logging and reporting capabilities. The following table
details these maximums.
Table 10: FortiAnalyzer Maximum supported devices
Name The name of the device.
Hardware The model of the device. For example, FortiGate-300A appears as
FGT300A.
IP Address The IP address of the device.
Administrative
Domains
The ADOM configured for the device.
Log Tx Rx
Report Tx Rx
Content Tx Rx
Quar Tx Rx
Displays the permissions that each device has for sending and
viewing logs and reports when connected to the FortiAnalyzer
unit.
• Tx indicates the device is configured to transmit log packets to
the FortiAnalyzer unit.
• Rx indicates the device is allowed to view reports and logs
stored on the FortiAnalyzer unit directly from the device. This
feature is only available on FortiGate units running FortiOS
3.0. This permission will appear red (unavailable) for Syslog
devices by default.
For a FortiManager unit, Tx indicates full access for all devices
managed by the FortiManager unit; Rx indicates that the
FortiManager unit can configure the FortiAnalyzer unit.
Secure Connection Indicates there is an IPSec tunnel connection between the device
and the FortiAnalyzer unit for the transmission of logs, content and
quarantined files. For details on creating a secure connection, see
“Adding a FortiGate unit” on page 68.
Disk Space (MB)
Used/Allocated
Displays the amount of the FortiAnalyzer disk space is allocated
for the device and how much of that space is used.
Action Select Edit to edit the device configuration.
Select Delete to remove a device from the list.
Select to add register an unregistered device so the FortiAnalyzer
unit can begin receiving the device’s log messages.
For an unregistered device, select Block to stop the device from
attempting to connect to the FortiAnalyzer unit to send log
messages. For details on blocking a device see “Blocked Devices”
on page 74.
FortiGate and/or Syslog FortiManager FortiClient
FortiAnalyzer-100 10 (FortiGate-50A to
FortiGate-100A only)
1 None
FortiAnalyzer-100A/100B 10 (FortiGate-50A to
FortiGate-100A only)
1 None
FortiAnalyzer-400 200 (FortiGate-50A to
FortiGate-800 only)
1 2000
To Next Page
Loading...
Need help?
General