Fortinet FortiAnalyzer-100A Instruction Manual

www.fortinet.com
FortiAnalyzer
Version 3.0 MR3
ADMINISTRATION GUIDE

FortiAnalyzer Administration Guide
Version 3.0 MR3
25 September 2006
05-30003-0082-20060925
© Copyright 2006 Fortinet, Inc. All rights reserved. No part of this
publication including text, examples, diagrams or illustrations may be
reproduced, transmitted, or translated in any form or by any means,
electronic, mechanical, manual, optical or otherwise, for any purpose,
without prior written permission of Fortinet, Inc.
Trademarks
ABACAS, APSecure, FortiASIC, FortiBIOS, FortiBridge, FortiClient,
FortiGate, FortiGuard, FortiGuard-Antispam, FortiGuard-Antivirus,
FortiGuard-Intrusion, FortiGuard-Web, FortiLog, FortiAnalyzer,
FortiManager, Fortinet, FortiOS, FortiPartner, FortiProtect, FortiReporter,
FortiResponse, FortiShield, FortiVoIP, and FortiWiFi are trademarks of
Fortinet, Inc. in the United States and/or other countries. The names of
actual companies and products mentioned herein may be the trademarks
of their respective owners.
Regulatory compliance
FCC Class A Part 15 CSA/CUS
Caution: If you install a battery that is not the correct type, it could
explode. Dispose of used batteries according to local regulations.

Contents
Introduction
The FortiAnalyzer Unit
FortiAnalyzer-100A/100B
FortiAnalyzer-400
FortiAnalyzer-800
FortiAnalyzer-2000
FortiAnalyzer-4000
FortiAnalyzer-4000A
FortiAnalyzer features
Reporting
Data mining
Network analyzer
Log viewer
Real-time log viewing
Log Aggregation
Quarantine
Network Attached Storage
About this guide
FortiAnalyzer documentation
Fortinet Tools and Documentation CD
Fortinet Knowledge Center
Comments on Fortinet technical documentation
Customer service and technical support
Installing the FortiAnalyzer unit
Planning the installation
Connecting the FortiAnalyzer unit
Environmental specifications
Air flow
Mechanical loading
Connecting to the network
Configuring the FortiAnalyzer unit
Using the web-based manager
Using the command line interface
Using the front panel buttons and LCD
Upgrading the FortiAnalyzer firmware
Backing up the FortiAnalyzer hard disk
Shutting down the FortiAnalyzer unit

Configure the FortiAnalyzer unit
Dashboard
System Information
System Resources
License Information
Alert Message Console
Statistics
Report Engine
Automatic Refresh Interval
System Operation
Viewing operational history
Viewing Session information
Filtering session information
Viewing Alert messages
Setting the time
Restore factory default system settings
Format the log disks
Restoring a FortiAnalyzer unit
Restoring a FortiAnalyzer-100 or FortiAnalyzer-400
Restoring a FortiAnalyzer-100A/100B, 800, 2000 and 4000/4000A
Changing the firmware
Changing the host name
Network settings
Interface
Changing the interface settings
About FortiDiscovery
DNS
Routing
Adding a route
Administrator settings
Adding a new administrator
Changing the administrator password
Access Profile
Auth Groups
RADIUS Server
Administrator Settings
Monitor
Administrative domains
Enabling administrative domains
Disabling administrative domains
Configuring ADOM settings
Creating a new ADOM
Adding a device to an ADOM

Network sharing
Adding users
Adding groups
Configuring Windows shares
Assigning user access
Configuring NFS shares
Setting folder and file privileges
Configuring the FortiAnalyzer unit
Log Settings
Log Aggregation
Configuring an aggregation client
Configuring an aggregation server
IP Aliases
Importing an IP alias list file
IP alias ranges
RAID
Configuring RAID on the FortiAnalyzer-400 and FortiAnalyzer-800
Configuring RAID on the FortiAnalyzer-2000 and FortiAnalyzer-4000/4000A
Maintenance
Backup & Restore
Update center
RAID levels
Linear
RAID 0
RAID 1
RAID 5
RAID 10
RAID 50
RAID 5 and RAID 10 with hot spare
Hot swapping hard disks
Hot swapping in the FortiAnalyzer-400 and FortiAnalyzer-800
Hot swapping the FortiAnalyzer-2000 and FortiAnalyzer-4000/4000A
Devices
Devices List
Device interaction with a FortiAnalyzer unit
Maximum allowed devices
Unregistered device options
FortiGate units connecting with FortiDiscovery
Unknown devices connecting to the FortiAnalyzer unit
Adding a FortiGate unit
Defining FortiGate port interfaces
Adding an HA cluster
Adding FortiClient installations

Adding a FortiManager unit
Adding a Syslog server
Device Groups
Blocked Devices
Viewing blocked devices
Logs
Log Viewer
Real-time log viewer
Historical log viewer
Browse
Browsing log files
Importing a log file
Downloading a log file
Customizing the log view
Customizing the log column views
Filtering logs
Filtering tip
Search the logs
Basic search
Advanced search
Search tips
Printing the search results
Log rolling
Content archive
Content viewer
Customizing the content log view
Customizing the log column views
Filtering content logs
Filtering tip
Log rolling
Quarantine
Configuring quarantine settings
Viewing the quarantined files list
Forensic Analysis
Users and groups
Adding users
Creating groups
Lookup
Where does FortiAnalyzer get this information?

Searching user data
Saving search results
Local archive
Forensic Reports
Configuring reports
Customizing the report properties
Configuring the report criteria
Configuring the time period
Configuring the report types
Configuring the report output
Viewing Forensic Reports
Traffic summary and security events
Traffic Summaries
Top Users
Viewing Web traffic
Viewing Email traffic
Viewing FTP traffic
Viewing Instant Messaging and P2P traffic
Filtering traffic summaries
Filtering tip
Device Summary
Traffic Report
Configuring a traffic report
Viewing traffic summary reports
Security event summaries
Adding a security event report
Viewing the security event reports
Viewing virus activity
Viewing Intrusion activity
Viewing Suspicious activity
Viewing administrative activities
Reports
Configuring reports
Configuring a report profile
Customizing the report properties
Configuring the report devices
Configuring the report scope
Configuring the report types
Configuring the report Format
Configuring the report schedule
Configuring the report output

Browsing reports
Viewing reports
Default reports
Report types
Roll up report
Individual reports
Event activity codes
Alerts
Alert Events
Adding an alert event
Output
Mail server
Testing the Mail server configuration
SNMP access
Adding an SNMP server
Syslog Servers
Adding a Syslog server
FortiAnalyzer SNMP support
FortiAnalyzer traps
FortiGate MIB System Traps
FortiGate MIB Logging Traps
FortiGate MIB VPN Traps
Fortinet MIB System fields
Fortinet Administrator Accounts
Fortinet Options
Fortinet Active IP Sessions
RFC-1213 (MIB II)
RFC-2665 (Ethernet-like MIB)
Network Analyzer
Connecting the FortiAnalyzer for analyzing network traffic
Traffic viewer
Real-time traffic viewer
Historical traffic viewer
Changing the historical view criteria
Browsing network traffic logs
Browsing network traffic log files
Downloading a network traffic log file
Customizing the traffic analyzer log view
Customizing the log column views
Filtering network traffic logs
Filtering tip

Search the network traffic logs
Basic search
Advanced search
Search tips
Printing the search results
Log rolling
Vulnerability scan
Modules
Jobs
Adding a new vulnerability scan job
Reports
Index

Introduction
FortiAnalyzer units are network appliances that provide robust reporting, data
analysis and integrated log collection tools. Detailed log reports provide historical
as well as current analysis of network traffic, such as email, FTP and web
browsing activity, to help identify security issues and reduce network misuse and
abuse.
The FortiAnalyzer unit provides a robust selection of reporting tools from detailed
reports that can be scheduled or generated on demand, to basic traffic sniffing
and real-time network monitoring.
This section introduces you to the FortiAnalyzer appliance and includes the
following topics:
• The FortiAnalyzer Unit
• About this guide
• FortiAnalyzer documentation
• Customer service and technical support
The FortiAnalyzer Unit
The FortiAnalyzer family includes the following models:
FortiAnalyzer-100A/100B
Ports: 4 10/100 Ethernet ports
Memory: 256 MB
Disk Drives: 1
Disk Drive Capacity: 120 GB
FortiGate Devices Supported: 10 FortiGate devices or VDOM licenses. Supports FortiGate-50A to FortiGate-100A only.
FortiClient installations Supported: None
AC Input Voltage: 100-240V 0.8Amp Max
FortiAnalyzer-400
Ports: 3 10/100 Ethernet ports
Memory: 256 MB
Disk Drives: 4 x 120MB hot-swappable (3.0 MR1)
Disk Drive Capacity: 480 GB
FortiGate Devices Supported: 200 FortiGate units or VDOM licenses. Supports FortiGate-50A to FortiGate-800 only.
FortiClient installations Supported: 2000
AC Input Voltage: 100-240V 4Amp Max
FortiAnalyzer-800
Ports: 2 10/100 Ethernet ports
Memory: 512 MB
Disk Drives: 4 x 120MB hot-swappable (3.0 MR1)
Disk Drive Capacity: 480 GB
FortiGate Devices Supported: 250 FortiGate units or VDOM licenses. Supports FortiGate-50A to FortiGate-800 only.
FortiClient installations Supported: 2500
AC Input Voltage: 100-240V 04Amp Max

FortiAnalyzer-2000
Ports: 4 gigabit Ethernet ports
Memory: 2 GB
Disk Drives: 6 x 400GB hot-swappable
Disk Drive Capacity: 2.4 TB
FortiGate Devices Supported: 500 FortiGate units or VDOM licenses. Supports all FortiGate models.
FortiClient installations Supported: 5000
AC Input Voltage: 100-240V 9Amp Max
FortiAnalyzer-4000
Ports: 2 gigabit Ethernet ports
Memory: 1 GB
Disk Drives: 12 x 250GB hot-swappable
Disk Drive Capacity: 3 TB
FortiGate Devices Supported: 500 FortiGate units or VDOM licenses. Supports all FortiGate models.
FortiClient installations Supported: 5
AC Input Voltage: 100-240V 9Amp Max
FortiAnalyzer-4000A
Ports: 2 gigabit Ethernet ports
Memory: 1 GB
Disk Drives: 12 x 250GB hot-swappable
Disk Drive Capacity: 3 TB
FortiAnalyzer features
The FortiAnalyzer unit receives log files from multiple FortiGate and syslog
devices. Using the FortiAnalyzer unit’s robust reporting capabilities, you can
monitor traffic, attacks, and misuse by network users. The FortiAnalyzer
unit includes the following features:
Reporting
The FortiAnalyzer reporting includes:
• Log analysis and reporting
Analyze logs submitted from multiple devices and generate a variety of reports
that enables you to proactively secure networks as threats arise, avoid network
abuses, manage bandwidth requirements, monitor Web site visits, and ensure
appropriate usage of the network. Analysis includes by firewall and by user or
group of users.
• Vulnerability reports
Vulnerability reports show potential weaknesses to attacks that may exist for a
selected device. The FortiAnalyzer unit queries for open ports, and where
possible, gathers information about the running services. Known vulnerabilities
that exist for a service or version of the service is included in the report.
Data mining
The FortiAnalyzer unit provides data mining features that enables you to easily
access simple reports to obtain information on the intrusion attempts on your
network as well as the types of traffic occurring on your network. Security event
summaries provide a snapshot of what unwanted traffic is attempting to breach
the firewall and the top traffic producers on the network, while traffic summaries
provide a snapshot of the traffic passing through the firewall on your network.
These reports can help you identify the high volume users, or attack events that
may be slowing down overall network traffic.
Network analyzer
The FortiAnalyzer network analyzer enables you to reach areas of the network
where FortiGate firewalls are not employed, or if you do not have a FortiGate unit
as a firewall. The FortiAnalyzer network analyzer functions as a sniffer to capture
traffic data, save it to the FortiAnalyzer hard disk, and display it or generate
reports using the data.
FortiGate Devices Supported 500 FortiGate units or VDOM licenses.
Supports all FortiGate models.
FortiClient installations Supported 5
AC Input Voltage 100-240V 9Amp Max
Note: Vulnerability reports are not available on the FortiAnalyzer-100.
Note: The network analyzer is not available on the FortiAnalyzer-100.

Log viewer
The log browser enables you to view the log messages sent to the FortiAnalyzer
unit from registered devices. With the log viewer you can view any log file and
messages saved on the FortiAnalyzer hard disk. All log files and messages are
searchable and can be filtered to drill down and locate specific information.
Real-time log viewing
The FortiAnalyzer unit provides real-time logging of web, FTP and email traffic
through content logs. The content viewer provides a real-time display of
meta-information from registered devices. Meta-information includes where the
information is coming from and going to. For example, HTTP content includes the
source IP address and the destination URL to allow you to follow real-time trends
in network usage.
Log Aggregation
Log aggregation is a method of collating log data from remote FortiAnalyzer units
or other third party network devices that support the syslog format to a central
FortiAnalyzer unit. For example, a company may have a headquarters and a
number of branch offices. Each branch office has a FortiGate unit and a
FortiAnalyzer-100A/100B to collect local log information. The headquarters has a
FortiAnalyzer-2000 as the central log aggregator.
Quarantine
For FortiGate units that do not have a hard disk, the FortiAnalyzer unit offers the
ability to quarantine infected or suspicious files entering your network
environment. Use the quarantine browser on the FortiAnalyzer unit to view the
files to determine whether they are dangerous or not. Set the option on the
FortiGate unit to send the quarantined files to the FortiAnalyzer unit.
Network Attached Storage
The FortiAnalyzer unit also acts as a Network Attached Storage (NAS) device.
Use the FortiAnalyzer unit as a means of backing up or storing important
information or using the extra hard disk space as a file server or repository. Any
computer using NFS or Windows sharing can mount the FortiAnalyzer hard drive
to save and retrieve files.
About this guide
This guide describes how to set up, configure and use the FortiAnalyzer unit to
collect logs and generate reports on network use.
This guide has the following sections:
• Installing the FortiAnalyzer unit describes how to set up and install the
FortiAnalyzer unit in your network environment.
• Configure the FortiAnalyzer unit describes how to configure the FortiAnalyzer
system settings, such as system time, session information, and user
management.
• Devices describes how to add and configure FortiGate, FortiManager units and
Syslog servers so that the FortiAnalyzer unit can maintain a connection with
the device.
• Alerts describes how to set up alert messages and configure the FortiAnalyzer
unit to send messages via email through a mail server, to a syslog server or
using SNMP traps. This chapter also lists the SNMP traps supported by the
FortiAnalyzer unit.
• Traffic summary and security events describes how to configure and view
reports on intrusion attempts against your network as well as view the types
of traffic occurring on your network.
• Content archive describes how to monitor metadata content for all users using
email, FTP, Instant Messages and web browsing.
• Logs describes how to select and view device and FortiAnalyzer log files. It
also describes customizing the log views using filters and column settings to
find information in the logs more easily, and how to watch logs in real time.
• Quarantine describes how to configure the FortiAnalyzer unit to receive
quarantined files from a FortiGate unit and view them on the FortiAnalyzer
hard disk.
• Vulnerability scan describes how to set up vulnerability scans and view the
generated reports.
• Reports describes how to create report profiles for running regular reports on
the log information collected by the FortiAnalyzer unit. It also describes how to
view the generated reports.
• Network Analyzer describes how to connect the FortiAnalyzer unit to a SPAN
or mirror port on a network switch to analyze, or sniff, the network traffic
passing through it.
• Forensic Analysis describes how to view and report on an individual's network
habits and activities, and how to generate reports for analysis.
FortiAnalyzer documentation
• FortiAnalyzer Administration Guide
Describes how to install and configure a FortiAnalyzer unit to collect FortiGate
and Syslog log files, and connect to a FortiManager device for management
purposes. It also describes how to view log files, generate and view reports on
various network activities, and use the FortiAnalyzer unit as a NAS server.
• FortiAnalyzer CLI Reference
Describes how to use the command line interface of the FortiAnalyzer unit, and
describes all the commands available.
• FortiAnalyzer online help
Provides a searchable version of the Administration Guide in HTML format.
You can access online help from the web-based manager as you work.
• FortiAnalyzer QuickStart Guides
Explains how to install and set up the FortiAnalyzer unit.

Fortinet Tools and Documentation CD
All Fortinet documentation is available from the Fortinet Tools and Documentation
CD shipped with your Fortinet product. The documents on this CD are current at
shipping time. For up-to-date versions of Fortinet documentation see the Fortinet
Technical Documentation web site at http://docs.forticare.com.
Fortinet Knowledge Center
The knowledge center contains short how-to articles, FAQs, technical notes,
product and feature guides, and much more. Visit the Fortinet Knowledge Center
at http://kc.forticare.com.
Comments on Fortinet technical documentation
Please send information about any errors or omissions in this document, or any
Customer service and technical support
Fortinet Technical Support provides services designed to make sure that your
Fortinet systems install quickly, configure easily, and operate reliably in your
network.
Please visit the Fortinet Technical Support web site at http://support.fortinet.com
to learn about the technical support services that Fortinet provides.

Installing the FortiAnalyzer unit
This section describes the FortiAnalyzer hardware and how to connect the
FortiAnalyzer unit to the network. This section includes the following topics:
• Planning the installation
• Connecting the FortiAnalyzer unit
• Configuring the FortiAnalyzer unit
• Upgrading the FortiAnalyzer firmware
• Backing up the FortiAnalyzer hard disk
• Shutting down the FortiAnalyzer unit
Planning the installation
You can add the FortiAnalyzer unit to your local network to receive log message
packets from FortiGate and Syslog devices.
You can connect the FortiAnalyzer unit locally or remotely through the Internet. To
connect the FortiAnalyzer unit to devices remotely, you must configure the DNS
server and the default gateway. To manage the FortiAnalyzer unit, you can use a
computer within the local network or over the Internet.
Figure 1: FortiAnalyzer connection option
Connecting the FortiAnalyzer unit
You can install the FortiAnalyzer unit as a free-standing appliance on any stable
surface. You can also mount the FortiAnalyzer-800, FortiAnalyzer-2000 and
FortiAnalyzer-4000/4000A onto a rack unit.
Environmental specifications
• Operating temperature: 41 to 95°F (5 to 35°C)
If you install the FortiAnalyzer unit in a closed or multi-unit rack assembly, the
operating ambient temperature of the rack environment may be greater than
room ambient temperature. Therefore, make sure to install the equipment in an
environment compatible with the manufacturer's maximum rated ambient
temperature.
• Storage temperature: -4 to 176°F (-20 to 80°C)
• Humidity: 10 to 90% non-condensing
Air flow
• For rack installation, make sure that the amount of air flow required for safe
operation of the equipment is not compromised.
• For free-standing installation, make sure that the appliance has at least 1.5 in.
(3.75 cm) of clearance on each side to allow for adequate air flow and cooling.
Mechanical loading
You can mount the FortiAnalyzer-800, FortiAnalyzer-2000 and
FortiAnalyzer-4000/4000A units in a standard 19-inch rack. The FortiAnalyzer-800
requires 1U of vertical space and the FortiAnalyzer-2000 and
FortiAnalyzer-4000/4000A require 2U of vertical space in the rack.
For rack installation, ensure an even mechanical loading of the FortiAnalyzer-800,
FortiAnalyzer-2000 and FortiAnalyzer-4000/4000A to avoid a hazardous
condition.
Connecting to the network
To connect the FortiAnalyzer unit to the network
1. Place the unit on a stable surface, or in a 19-inch rack unit.
2. Make sure the power of the unit is turned off.
3. Connect the network cable to the LAN or Port 1 interface.
4. Connect the power cable to a power outlet.
5. Turn on the power switch.
Note: The FortiAnalyzer unit may overload your supply circuit and impact your surge
protection and supply wiring. Use appropriate equipment nameplate ratings to address this
concern.
Make sure that the FortiAnalyzer unit has reliable grounding. Fortinet recommends direct
connections to the branch circuit.