Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • New Features

    Home FortiAnalyzer 6.4.0 New Features
    6.4.0
    7.6.0
    7.4.0
    7.2.0
    7.0.0
    6.4.0
    6.2.3
    6.2.2
    6.2.1
    6.2.0

    Facial Recognition 6.4.1

    Facial Recognition 6.4.1

    A new AI engine has been added to the FortiRecorder module to identify a person by analyzing patterns in the person's facial features. Faces detected by the camera can be used to enrich the Assets and Identity feature for UEBA correlation. The facial recognition feature allows SOC to easily perform video surveillance for its physical security from a single FortiAnalyzer console.

    GUI

    To enable face recognition in the GUI:
    1. Go to FortiRecorder > Camera Manager.
    2. In the tree menu, click Camera and select a managed camera in the pane.
      1. Enable Face Recognition.
      2. Click the AF icon to focus the camera.

    3. To view faces detected by the camera, go to FortiRecorder > Face Recognition, and click New Face Detected in the tree menu.
      • Similar faces are organized into clusters.
      • Each cluster represents a different user.
      • You can delete a face from a cluster or merge faces in a cluster.
      • Click the image in a cluster to watch a video of the user event.
      • Clusters can be ordered by count or time.

    4. Use the profile pane at the right side of the page to link faces to user profiles.

      New faces can be linked to following profile types:

      • UEBA : The user has an existing endpoint entry within FortiAnalyzer, and has information retrieved from FortiClient and FortiGate.
      • Non-UEBA Staff: The user does not have an endpoint entry in FortiAnalyzer, but is employed by your organization. For example, a maintenance person.
      • Guest: Someone who is not employed by your organization.

    5. In the tree menu, click Known Faces to view faces that are linked to a user profile.
      • New events detected by the camera events are saved to the related known faces cluster.
      • You can delete events from a cluster.
      • Click the image to view a video of the event.
      • You can order the clusters by count, or by the image time stamp.

    To view activity reports in the GUI:
    1. In the tree menu, go to Activity Report > Guests.

      The report pane displays the user events.

      1. Hover an event in the time line to view when the event was detected and the camera that detected it.
      2. Click an event in the time line to watch a video of the event.
      3. Use your scroll wheel to adjust the time frame.
      4. Click Reset Zoom to reset the time line.

    2. In the tree menu, go to Activity Report > Internal Users.

      Click a heading to sort a column in ascending or descending order. The following information is displayed:

      • User Name: The internal user name.
      • Bandwidth (Sent/Received): The bandwidth sent and received from the camera in bytes.
      • Captured Times: The number of times the camera captured an image of the user.
    3. In the toolbar, click the time frame dropdown to specify the time period.

    CLI

    To enable and disable the AI module in the CLI:

    config system global

    # set disable-module

    Note

    The disable-module command enables all of the AI modules.
    To set the database and disk quota in the CLI:
    1. Set disk quota for AI.

      config system global

      set ai-disk-quota value <disk limit in GB>

      If the configuration is successful, the remaining available hard disk space shall be deducted accordingly.

    2. Set database table item count limit.

      execute face-recognition setting event_item_count_max <limit>

    3. The aisched daemon cleans up the database and disk used by AI approximately once a day.
    CPU usage

    CPU usage is managed by nice. The AI module has three daemons:

    aid Pre-processes videos with deep learning algorithms, which consumes lots of computational resources. The niceness is set to 19 (lowest priority).
    aiclusterd Requires limited CPU/memory resource and is responsible for user interfaces. The niceness is set to default value 0.
    aisched Performs routine tasks,such as daily database clean up and requires very limited CPU/memory sources. The niceness is set to default value 0.
    Memory usage

    Memory usage of daemon aid is controlled by Cgroup. If the limit is violated, daemon aid will be killed by Linux kernel.

    The following CLI is used to update the maximum memory limitation. The default value is 4096.

    config system global

    set ai-memory-quota <limit in MB>

    end

    Face Recognition

    Face recognition related CLIs have been added under the execute face-recognition command:

    execute		face-recognition
    backup 		backup AI infos
    log		AI log
    process		process specific videos
    restore		restore AI infos
    setting		Show/Modify AI configuration
    To back up an AI user's personal information in the CLI:

    execute face-recognition backup <ip:port> <filename><username><password>

    Now we support restore from FTP server only.

    Note

    Restoring an AI user's information is supported in the FTP server only.
    To insert a specific camera's into the AI database in the CLI:

    execute face-recognition process <camera_name>

    To configure AI specific settings in the CLI:

    Show all AI setting parameters:

    execute face-recognition setting

    Show a specific key value:

    execute face-recognition setting <key>

    Modify a specific key value:

    execute face-recognition setting <key> <key_value>

    Event logs

    Three log types have been added to the current log system:

    LOG_EVENT_AID_STATUS

    LOG_EVENT_AID_CONFIG

    LOG_EVENT_AID_UI

    Previous
    Next

    Facial Recognition 6.4.1

    Facial Recognition 6.4.1

    A new AI engine has been added to the FortiRecorder module to identify a person by analyzing patterns in the person's facial features. Faces detected by the camera can be used to enrich the Assets and Identity feature for UEBA correlation. The facial recognition feature allows SOC to easily perform video surveillance for its physical security from a single FortiAnalyzer console.

    GUI

    To enable face recognition in the GUI:
    1. Go to FortiRecorder > Camera Manager.
    2. In the tree menu, click Camera and select a managed camera in the pane.
      1. Enable Face Recognition.
      2. Click the AF icon to focus the camera.

    3. To view faces detected by the camera, go to FortiRecorder > Face Recognition, and click New Face Detected in the tree menu.
      • Similar faces are organized into clusters.
      • Each cluster represents a different user.
      • You can delete a face from a cluster or merge faces in a cluster.
      • Click the image in a cluster to watch a video of the user event.
      • Clusters can be ordered by count or time.

    4. Use the profile pane at the right side of the page to link faces to user profiles.

      New faces can be linked to following profile types:

      • UEBA : The user has an existing endpoint entry within FortiAnalyzer, and has information retrieved from FortiClient and FortiGate.
      • Non-UEBA Staff: The user does not have an endpoint entry in FortiAnalyzer, but is employed by your organization. For example, a maintenance person.
      • Guest: Someone who is not employed by your organization.

    5. In the tree menu, click Known Faces to view faces that are linked to a user profile.
      • New events detected by the camera events are saved to the related known faces cluster.
      • You can delete events from a cluster.
      • Click the image to view a video of the event.
      • You can order the clusters by count, or by the image time stamp.

    To view activity reports in the GUI:
    1. In the tree menu, go to Activity Report > Guests.

      The report pane displays the user events.

      1. Hover an event in the time line to view when the event was detected and the camera that detected it.
      2. Click an event in the time line to watch a video of the event.
      3. Use your scroll wheel to adjust the time frame.
      4. Click Reset Zoom to reset the time line.

    2. In the tree menu, go to Activity Report > Internal Users.

      Click a heading to sort a column in ascending or descending order. The following information is displayed:

      • User Name: The internal user name.
      • Bandwidth (Sent/Received): The bandwidth sent and received from the camera in bytes.
      • Captured Times: The number of times the camera captured an image of the user.
    3. In the toolbar, click the time frame dropdown to specify the time period.

    CLI

    To enable and disable the AI module in the CLI:

    config system global

    # set disable-module

    Note

    The disable-module command enables all of the AI modules.
    To set the database and disk quota in the CLI:
    1. Set disk quota for AI.

      config system global

      set ai-disk-quota value <disk limit in GB>

      If the configuration is successful, the remaining available hard disk space shall be deducted accordingly.

    2. Set database table item count limit.

      execute face-recognition setting event_item_count_max <limit>

    3. The aisched daemon cleans up the database and disk used by AI approximately once a day.
    CPU usage

    CPU usage is managed by nice. The AI module has three daemons:

    aid Pre-processes videos with deep learning algorithms, which consumes lots of computational resources. The niceness is set to 19 (lowest priority).
    aiclusterd Requires limited CPU/memory resource and is responsible for user interfaces. The niceness is set to default value 0.
    aisched Performs routine tasks,such as daily database clean up and requires very limited CPU/memory sources. The niceness is set to default value 0.
    Memory usage

    Memory usage of daemon aid is controlled by Cgroup. If the limit is violated, daemon aid will be killed by Linux kernel.

    The following CLI is used to update the maximum memory limitation. The default value is 4096.

    config system global

    set ai-memory-quota <limit in MB>

    end

    Face Recognition

    Face recognition related CLIs have been added under the execute face-recognition command:

    execute		face-recognition
    backup 		backup AI infos
    log		AI log
    process		process specific videos
    restore		restore AI infos
    setting		Show/Modify AI configuration
    To back up an AI user's personal information in the CLI:

    execute face-recognition backup <ip:port> <filename><username><password>

    Now we support restore from FTP server only.

    Note

    Restoring an AI user's information is supported in the FTP server only.
    To insert a specific camera's into the AI database in the CLI:

    execute face-recognition process <camera_name>

    To configure AI specific settings in the CLI:

    Show all AI setting parameters:

    execute face-recognition setting

    Show a specific key value:

    execute face-recognition setting <key>

    Modify a specific key value:

    execute face-recognition setting <key> <key_value>

    Event logs

    Three log types have been added to the current log system:

    LOG_EVENT_AID_STATUS

    LOG_EVENT_AID_CONFIG

    LOG_EVENT_AID_UI

    Previous
    Next