Chapter 10 – FortiView

Leave a reply

Device Topology Visualization

 

Notes about Device Topology:

  • Place your cursor over any object in the visualization to display the device name, the IP address, Sessions, sent and received Bytes and Packets, Bandwidth, and Dropped Bytes.
  • In many cases, such as Internal Network Firewall (INFW) deployments, there are multiple Fortigates performing NAT before a host reaches the external-facing WAN. In such a situation, a bubble chart depicting internal traffic may be inaccurate because the biggest bubble will be a Fortigate that is NAT’ing hundreds of endpoints behind it. This page solves that issue by ensuring all network elements are given visibility and structured in a human-readable format.

 

Realtime visualization

In addition to these new visualization options, you can now also enable realtime visualization.

 

To enable realtime visualization:

1. Click on the Settings icon next to the upper right-hand corner and select Auto update realtime visualizations.

An option is displayed to set the Interval (seconds). The maximum value is 300.

2. Enter a desired Interval and click Apply.

 

 

Links created between FortiView and View/Create Policy

The Policy column in FortiView consoles and the Log Viewer pages has changed to a link, which navigates to the IPv4 or IPv6 policy list and highlights the policy.

Right-clicking on a row in FortiView or the Log Viewer has menu items for Block Source, Block Destination and Quarantine Source where appropriate columns are available to determine these values. When multiple rows are selected, the user will be prompted to create a named Address Group to contain the new addresses.

When the user clicks Block Source or Block Destination they are taken to a policy creation page with enough information filled in to create a policy blocking the requested IP traffic.

The policy page will feature an informational message block at the top describing the actions that will be taken. Once the user submits the form, the requisite addresses, groups and policy will be created at once.

If the user clicks on Quarantine User then they will be prompted for a duration. They may also check a box for a Permanent Ban. The user can manage quarantined users under Monitor > User Quarantine Monitor.


Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Pages: 1 2 3 4 5 6
This entry was posted in FortiOS 5.4 Handbook and tagged , , on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.