Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • New Features

    6.2.0
    7.6.0
    7.4.0
    7.2.0
    7.0.0
    6.4.0
    6.2.0

    Netflow / IPFIX Support

    Netflow / IPFIX Support

    Support for Netflow (v1, v5, v9) and IPFIX (IP Flow Information Export) is added to FortiSwitch 6.2, and the resulting data will be available to FortiAnalyzer (and FortiView) for new traffic statistics and topology views. Traffic sampling data can be used to show which users or devices behind switches are generating the highest traffic in those networks.

    You can now configure Netflow/IPFIX on managed FortiSwitch units on switch controller.

    You can configure flow-tracking related parameters by using the default values:

    # config switch-controller flow-tracking

    (flow-tracking) # get

    sample-mode : perimeter

    sample-rate : 512

    format : netflow9

    collector-ip : 0.0.0.0 ------> all-zero IP address implies disabled

    collector-port : 0

    transport : udp

    level : ip

    filter : -------> complies with tcpdump/wireshark filter syntax

    max-export-pkt-size : 512

    timeout-general : 3600

    timeout-icmp : 300

    timeout-max : 604800

    timeout-tcp : 3600

    timeout-tcp-fin : 300

    timeout-tcp-rst : 120

    timeout-udp : 300

    aggregates:

    Following are the sampling mode options:

    • Perimeter sampling: RX sampling enabled on all non-fabric FortiSwitch ports, including access port and FortiLink port, but not the FortiLink ISL port.
    • Device-Ingress sampling: RX sampling enabled on all FortiSwitch ports.
    • Local sampling: Sampling must be enabled on specific FortiSwitch ports by using config switch-controller managed-switch and config ports.
    Previous
    Next

    Netflow / IPFIX Support

    Netflow / IPFIX Support

    Support for Netflow (v1, v5, v9) and IPFIX (IP Flow Information Export) is added to FortiSwitch 6.2, and the resulting data will be available to FortiAnalyzer (and FortiView) for new traffic statistics and topology views. Traffic sampling data can be used to show which users or devices behind switches are generating the highest traffic in those networks.

    You can now configure Netflow/IPFIX on managed FortiSwitch units on switch controller.

    You can configure flow-tracking related parameters by using the default values:

    # config switch-controller flow-tracking

    (flow-tracking) # get

    sample-mode : perimeter

    sample-rate : 512

    format : netflow9

    collector-ip : 0.0.0.0 ------> all-zero IP address implies disabled

    collector-port : 0

    transport : udp

    level : ip

    filter : -------> complies with tcpdump/wireshark filter syntax

    max-export-pkt-size : 512

    timeout-general : 3600

    timeout-icmp : 300

    timeout-max : 604800

    timeout-tcp : 3600

    timeout-tcp-fin : 300

    timeout-tcp-rst : 120

    timeout-udp : 300

    aggregates:

    Following are the sampling mode options:

    • Perimeter sampling: RX sampling enabled on all non-fabric FortiSwitch ports, including access port and FortiLink port, but not the FortiLink ISL port.
    • Device-Ingress sampling: RX sampling enabled on all FortiSwitch ports.
    • Local sampling: Sampling must be enabled on specific FortiSwitch ports by using config switch-controller managed-switch and config ports.
    Previous
    Next