Administration Guide

Set up the FortiAnalyzer-BigData network

To set up the network for FortiAnalyzer-BigData, connect either a 10GE link with SFP or 40GE link with QSFP, from Switch Module #2 to your public access switch, and then set up the external IP address via the FortiAnalyzer-BigData GUI or CLI. This setup requires two IPs from the same subnet for logging (Main Host) and management (Security Event Manager) access.

This topic includes the following steps:

To set up the FortiAnalyzer-BigData 4500F network:

To set up the network via the GUI for FortiAnalyzer-BigData 4500F:
  1. From the FortiAnalyzer-BigData GUI, go to System Settings > Network.
  2. In the Interface section, select the checkbox for port2 and click Edit.
  3. Change the Security Event Manager IP Address/Netmask and Gateway fields to your internal network.

    This is the address of the FortiAnalyzer-BigData Security Event Manager, which serves the web GUI and performs various data processing and management workloads.

  4. Change the Main Host IP Address/Netmask and Gateway fields to your internal network.

    This is the address of the FortiAnalyzer-BigData Main host, which is responsible for collecting the logs and serving the services for FortiView, LogView, Reports, and so on.

  5. Keep the default settings for Administrative Access.
  6. Specify a Default Gateway and DNS Servers.
  7. Click Apply to save your changes.
  8. From your management computer, change the IP Address/Netmask to reconnect it to FortiAnalyzer-BigData.

To set up the network via the CLI for FortiAnalyzer-BigData 4500F:
  1. Connect to the FortiAnalyzer-BigData Main CLI to set up the external IP address, via the CMM web management utility (see "To connect to the Security Event Manager Controller").
  2. Change the Security Event Manager IP Address/Netmask and Gateway fields to your internal network.

    This is the address of the FortiAnalyzer-BigData Security Event Manager, which serves the web GUI and performs various data processing and management workloads.

    config system global
        set bd-management-gateway 10.106.2.254
        set bd-management-ip 10.106.2.220 255.255.255.0
    end

  3. Change the Main Host IP Address/Netmask and Gateway fields to your internal network.

    This is the address of the FortiAnalyzer-BigData Main host, which is responsible for collecting the logs displayed in the GUI for FortiView, LogView, Reports, and so on.

    config system interface
        edit "port2"
            set ip 10.106.2.221 255.255.255.0
        next
    end

    config system route
        edit 1
            set device "port2"
            set gateway 10.106.2.254
        next
    end

To set up the FortiAnalyzer-BigData-VM network:

To set up the network via the GUI for FortiAnalyzer-BigData-VM:
  1. From the FortiAnalyzer-BigData web GUI, go to System Settings > Network.
  2. In the Cluster Network section, edit the Main Host IP Address/Netmask and Gateway fields to your internal network.

    This is the address of the FortiAnalyzer-BigData Main host, which is responsible for collecting the logs and serving the services for FortiView, LogView, Reports, and so on.

  3. In the Cluster Network section, edit the Management IP Address/Netmask and Gateway fields to your internal network.

    This is the address of the FortiAnalyzer-BigData Security Event Manager, which serves the web GUI and performs various data processing and management workloads.

  4. Click Save to save your changes.

To set up the network via the CLI for FortiAnalyzer-BigData-VM:
  1. Access the ESXi/vSphere Web Console of the Security Event Manager Controller VM.
  2. Connect with the username root and password fortinet@123.
  3. To configure the Management IP Address, use the following command:

    fazbdctl set addr {ip/mask} {gateway} --management

    For example, enter fazbdctl set addr 10.160.74.175/24 10.160.74.1 --management

    This is the address of the FortiAnalyzer-BigData Security Event Manager, which serves the web GUI and performs various data processing and management workloads.

  4. To configure the main host IP address, use the following command:

    fazbdctl set addr {ip/mask} {gateway} --mainhost

    For example, enter fazbdctl set addr 10.160.74.174/24 10.160.74.1 --mainhost

    This is the address of the FortiAnalyzer-BigData Main host, which is responsible for collecting the logs and serving the services for FortiView, LogView, Reports, and so on.
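
An added example, not part of the Fortinet guide: a Python pre-check for the addressing rule stated at the top of this topic (two IPs from the same subnet), which then renders the CLI lines used in the 4500F and VM CLI procedures above. The function names are hypothetical, and using one shared gateway for both addresses is an assumption taken from the sample values on this page.

```python
import ipaddress

def check_plan(mgmt, mainhost, gateway):
    """Validate the two-address plan (CIDR strings); raise ValueError if unusable."""
    m = ipaddress.ip_interface(mgmt)        # Security Event Manager (management)
    h = ipaddress.ip_interface(mainhost)    # Main Host (logging)
    gw = ipaddress.ip_address(gateway)      # assumption: one gateway serves both
    net = m.network
    if h.network != net:
        raise ValueError(f"{m} and {h} are not in the same subnet")
    if m.ip == h.ip:
        raise ValueError("management and main host need two distinct addresses")
    if gw not in net:
        raise ValueError(f"gateway {gw} is outside {net}")
    if gw in (m.ip, h.ip):
        raise ValueError(f"gateway {gw} collides with a host address")
    # Assumes a prefix shorter than /31, where first and last addresses are reserved.
    for name, addr in (("management", m.ip), ("main host", h.ip), ("gateway", gw)):
        if addr in (net.network_address, net.broadcast_address):
            raise ValueError(f"{name} address {addr} is not a usable host address")
    return m, h, gw

def render_4500f(m, h, gw):
    """CLI lines for the 4500F, in the order the procedure gives them."""
    return [
        "config system global",
        f"set bd-management-gateway {gw}",
        f"set bd-management-ip {m.ip} {m.netmask}",
        "end",
        "config system interface",
        'edit "port2"',
        f"set ip {h.ip} {h.netmask}",
        "next",
        "end",
        "config system route",
        "edit 1",
        'set device "port2"',
        f"set gateway {gw}",
        "next",
        "end",
    ]

def render_vm(m, h, gw):  # fazbdctl lines for the VM procedure
    return [f"fazbdctl set addr {m.with_prefixlen} {gw} --management",
            f"fazbdctl set addr {h.with_prefixlen} {gw} --mainhost"]

if __name__ == "__main__":
    plan = check_plan("10.106.2.220/24", "10.106.2.221/24", "10.106.2.254")
    print("\n".join(render_4500f(*plan)))
```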
