Summary of the content on page 1

FortiLog Administration Guide
FortiLog-100, FortiLog-400, FortiLog-800
Version 1.6
January 15, 2004
05-16000-0082-20050115
                    
Summary of the content on page 2

© Copyright 2005 Fortinet Inc. All rights reserved. No part of this publication including text, examples, diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical or otherwise, for any purpose, without prior written permission of Fortinet Inc.

FortiLog Administration Guide
Version 1.6
January 15, 2005
05-16000-0082-20050115

Trademarks
Products mentioned in this document are trademarks or registered trademarks of
                    
Summary of the content on page 3

Contents
Table of Contents
Introduction ... 7
Operational Modes ... 8
Active Mode ... 8
Passive Mode ...
                    
Summary of the content on page 4

Contents
Managing the FortiLog unit ... 29
Status ... 29
Status ... 29
Changing the FortiLog host name ...
                    
Summary of the content on page 5

Contents
Reports ... 57
Creating and generating a report ... 57
Configuring report parameters ... 58
Configuring a report query ... 59
C
                    
Summary of the content on page 6

Contents
Adding and modifying group accounts ... 83
Assigning access to folders ... 83
Modifying the user or group folder access ... 85
Setting folder and file properties ... 86
FortiLog CLI referen
                    
Summary of the content on page 7

Introduction

FortiLog units are network appliances that provide integrated log collection, analysis tools and data storage. Detailed log reports provide historical as well as current analysis of network and email activity to help identify security issues and reduce network misuse and abuse.

FortiLog units operate in one of two modes:
• In Active mode as a log collection and analysis tool to collect logs from FortiGate and FortiMail devices and genera
                    
Summary of the content on page 8

Operational Modes

The FortiLog device can operate in two modes: Active mode or Passive mode. The web-based interface provides an interface that reflects each model’s functionality.

Active Mode

Active mode is the default mode for the FortiLog unit. In Active mode, the FortiLog unit can receive log files from FortiGate, FortiClient, FortiMail and syslog devices. Using the reporting features, you can use the FortiLog unit to view the log files and generate more th
                    
Summary of the content on page 9

[Figure 3: FortiLog Active mode network architecture. Labels: FortiGate units, FortiMail unit, Internet, Switch, Management PC, Reports, FortiLog unit]

Passive Mode

Passive mode enables you to use the FortiLo
                    
Summary of the content on page 10

About this guide

This document describes how to set up and configure the FortiLog unit. The configuration and features of the FortiLog unit are similar in either mode. Section titles indicate where the features or configuration differs or is unique to each mode. For example, Devices (Active mode).

This document has the following sections:
• Setting up the FortiLog unit describes how to set up and install the FortiLog unit in your network.
• Connecting to the For
                    
Summary of the content on page 11

Related documentation

Additional information about Fortinet products is available from the following related documentation.

FortiGate documentation

Information about FortiGate products is available from the following guides:
• FortiGate QuickStart Guide
  Provides basic information about connecting and installing a FortiGate unit.
• FortiGate Installation Guide
  Describes how to install a FortiGate unit. Includes a hardware reference, default configuration infor
                    
Summary of the content on page 12

FortiManager documentation

• FortiManager QuickStart Guide
  Explains how to install the FortiManager Console, set up the FortiManager Server, and configure basic settings.
• FortiManager System Administration Guide
  Describes how to use the FortiManager System to manage FortiGate devices.
• FortiManager System online help
  Provides a searchable version of the Administration Guide in HTML format. You can access online help from the FortiManager Console as you wor
                    
Summary of the content on page 13

Customer service and technical support

For antivirus and attack definition updates, firmware updates, updated product documentation, technical support information, and other resources, please visit the Fortinet technical support web site at http://support.fortinet.com.

You can also register FortiGate Antivirus Firewalls from http://support.fortinet.com and change your registration information at any time.

Fortinet email support is available
                    
Summary of the content on page 15

Setting up the FortiLog unit

This chapter includes:
• Checking the package contents
• Hardware specifications
• Planning the installation
• Connecting the FortiLog unit
• Configuring the FortiLog unit

Checking the package contents

The FortiLog family includes three models. Check the model number on the front panel of your FortiLog unit. All three models are shown in the picture below.
• FortiLog-100, desktop model with one hard drive.
• FortiLog-400,
                    
Summary of the content on page 16

[Figure 5: FortiLog front and back diagrams. Panels: FortiLog-100, FortiLog-400 and FortiLog-800, front and back; Accessories for each model]
                    
Summary of the content on page 17

Power requirements
• FortiLog-100
  • AC input voltage: 100 to 240 VAC
  • AC input current: 1.0 A
  • Frequency: 47 to 63 Hz
• FortiLog-400 and 800
  • AC input voltage: 115 to 230 VAC
  • AC input current: 4 to 2 A
  • Frequency: 47 to 63 Hz

Environmental specifications
• Operating temperature: 41 to 95°F (5 to 35°C)
  If you install the FortiLog unit in a closed or multi-unit rack assembly, the operating ambient temperature of the rack environment may
                    
Summary of the content on page 18

[Figure 6: FortiLog connection option. Labels: FortiMail unit, FortiGate units, Internal Network, FortiLog unit, Management PC, Internet]

Connecting the FortiLog unit

You can install the FortiLog unit as a free-standing appliance on any stable surface. You can mount the FortiLog-800 unit in a standard 19-
                    
Summary of the content on page 19

Configuring the FortiLog unit

Use the web-based manager or the Command Line Interface (CLI) to configure the FortiLog unit IP address, netmask, DNS server IP address, and default gateway IP address.

Table 2: Factory defaults
Administrator account    User name: admin
                         Password: (none)
LAN                      IP: 192.168.1.99
                         Netmask: 255.255.255.0
                         Management Access: HTTPS, Ping

Using the web-based manager

The web-based manager provides a GUI interface to confi
                    
Summary of the content on page 20

6 Type admin in the Name field and select Login.

After connecting to the web-based manager, you can configure the FortiLog unit IP address, DNS server IP address, and default gateway to connect the FortiLog unit to the network.

To configure the FortiLog unit using the web-based manager
1 In the web-based manager, go to System > Config > Network.
2 Enter the IP address, netmask, primary DNS server IP address, secondary DNS server IP