FortiSIEM Working with the Configuration Management Database (CMDB)

Working with the Configuration Management Database (CMDB)

The Configuration Management Database (CMDB) contains:

Discovered information about your IT infrastructure such as devices, networks, applications, and users

Information derived from your discovered infrastructure, including network topology and inter-device relationships such as the relationship of WLAN Access Points to Controller, and Virtual Machines to ESX Hosts.

Information about system objects such as rules, reports, business services, event types, networks, and ports/protocols

You can find and manage all this information under the CMDB tab.

CMDB Categorization of Devices and Applications

Overview of the CMDB User Interface

Managing CMDB Objects

Anonymity Networks and Groups

Setting Up an External Data Source for Anonymity Networks

Applications

Malware Domains

Updating System Defined Malware Domain Groups

Manually Creating Malware Domains and Groups Custom Malware Domain Threat Feed

Updating System-Defined Malware IP Groups

Manually Creating Malware IP Addresses and Groups

Custom Malware IP Threat Feed

Malware URLs

Updating System-Defined Malware URL Group

Manually Creating Malware URLs

Custom Malware URL Threat Feed

Malware Hashes

Updating System Defined Malware Hash Group

Manually Creating Manual Hash

Custom Malware Hash Threat Feed

Malware Processes

Country Groups

Creating CMDB Groups and Adding Objects to Them

Default Passwords

Creating a Watch List

System-Defined Watch Lists

Reporting on CMDB Objects

CMDB Report Types

Running, Saving, and Exporting a CMDB Report

Creating and Modifying CMDB Reports

Importing and Exporting CMDB Report Definitions

 

CMDB Categorization of Devices and Applications

Categorization of Devices and Applications

From Discovery – Network Devices

From Discovery – Applications

From Logs

Special Cases

Categorizing a Cisco IOS Router/Switch

Categorizing Fortinet Firewalls

Categorizing Microsoft IIS

Categorizing Cisco ASA

Categorizing Microsoft IIS


Having trouble configuring your Fortinet hardware or have some questions you need answered? Ask your questions in the comments below!!! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Leave a Reply

Name *
Email *
Website

This site uses Akismet to reduce spam. Learn how your comment data is processed.