FortiSIEM Working with the Configuration Management Database (CMDB)

Working with the Configuration Management Database (CMDB)

The Configuration Management Database (CMDB) contains:

Discovered information about your IT infrastructure such as devices, networks, applications, and users

Information derived from your discovered infrastructure, including network topology and inter-device relationships such as the relationship of WLAN Access Points to Controller, and Virtual Machines to ESX Hosts.

Information about system objects such as rules, reports, business services, event types, networks, and ports/protocols

You can find and manage all this information under the CMDB tab.

CMDB Categorization of Devices and Applications

Overview of the CMDB User Interface

Managing CMDB Objects

Anonymity Networks and Groups

Setting Up an External Data Source for Anonymity Networks

Applications

Malware Domains

Updating System Defined Malware Domain Groups

Manually Creating Malware Domains and Groups Custom Malware Domain Threat Feed

Updating System-Defined Malware IP Groups

Manually Creating Malware IP Addresses and Groups

Custom Malware IP Threat Feed

Malware URLs

Updating System-Defined Malware URL Group

Manually Creating Malware URLs

Custom Malware URL Threat Feed

Malware Hashes

Updating System Defined Malware Hash Group

Manually Creating Manual Hash

Custom Malware Hash Threat Feed

Malware Processes

Country Groups

Creating CMDB Groups and Adding Objects to Them

Default Passwords

Creating a Watch List

System-Defined Watch Lists

Reporting on CMDB Objects

CMDB Report Types

Running, Saving, and Exporting a CMDB Report

Creating and Modifying CMDB Reports

Importing and Exporting CMDB Report Definitions

 

CMDB Categorization of Devices and Applications

Categorization of Devices and Applications

From Discovery – Network Devices

From Discovery – Applications

From Logs

Special Cases

Categorizing a Cisco IOS Router/Switch

Categorizing Fortinet Firewalls

Categorizing Microsoft IIS

Categorizing Cisco ASA

Categorizing Microsoft IIS


Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

This entry was posted in Administration Guides, FortiSIEM on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.