Fortinet black logo

New Features

Home FortiGate / FortiOS 6.2.0 New Features

Simplify FortiAnalyzer Pairing

6.2.0
7.4.0
7.2.0
7.0.0
6.4.0
6.2.0
Copy Link
Copy Doc ID 761d83e3-4a7b-11e9-94bf-00505692583a:675507
Download PDF

Simplify FortiAnalyzer Pairing

This version simplifies the pairing of FortiAnalyzer and FortiGate by using certificate verification to allow the FortiGate admin to preauthorize access.

When configuring FortiAnalyzer in the root FortiGate, FortiGate has an option to allow FortiAnalyzer to access the FortiGate REST API. FortiGate verifies the FortiAnalyzer by retrieving the FortiAnalyzer serial number and checking it against the FortiAnalyzer certificate. After verification, the FortiAnalyzer serial number is stored in the FortiGate configuration.

Then on the FortiAnalyzer side, the admin authorizes FortiGates in the same Security Fabric. After authorization, the FortiGates can form a Security Fabric in the FortiAnalyzer side without entering the admin credentials of the root FortiGate.

Sample configuration

To configure FortiAnalyzer in the root FortiGate GUI:
  1. Go to Security Fabric > Settings.
  2. Enable FortiGate Telemetry and configure settings.

To configure FortiAnalyzer in the root FortiGate CLI:
config log fortianalyzer setting
    set status enable
    set server "10.6.30.250"
    set certificate-verification enable
    set serial "FL-4HET318900407"
    set access-config enable
    set upload-option realtime
    set reliable enable
end
To authorize FortiGates in the same Security Fabric using the FortiAnalyzer GUI:
  1. In FortiAnalyzer, go to Device Manager and select the FortiGates to be authorized.

  2. After a moment, the FortiGates can form a Security Fabric in the FortiAnalyzer without entering the admin credentials of the root FortiGate.

  3. Go to the FortiGate to see the FortiAnalyzer logging information.

Previous
Next

Simplify FortiAnalyzer Pairing

This version simplifies the pairing of FortiAnalyzer and FortiGate by using certificate verification to allow the FortiGate admin to preauthorize access.

When configuring FortiAnalyzer in the root FortiGate, FortiGate has an option to allow FortiAnalyzer to access the FortiGate REST API. FortiGate verifies the FortiAnalyzer by retrieving the FortiAnalyzer serial number and checking it against the FortiAnalyzer certificate. After verification, the FortiAnalyzer serial number is stored in the FortiGate configuration.

Then on the FortiAnalyzer side, the admin authorizes FortiGates in the same Security Fabric. After authorization, the FortiGates can form a Security Fabric in the FortiAnalyzer side without entering the admin credentials of the root FortiGate.

Sample configuration

To configure FortiAnalyzer in the root FortiGate GUI:
  1. Go to Security Fabric > Settings.
  2. Enable FortiGate Telemetry and configure settings.

To configure FortiAnalyzer in the root FortiGate CLI:
config log fortianalyzer setting
    set status enable
    set server "10.6.30.250"
    set certificate-verification enable
    set serial "FL-4HET318900407"
    set access-config enable
    set upload-option realtime
    set reliable enable
end
To authorize FortiGates in the same Security Fabric using the FortiAnalyzer GUI:
  1. In FortiAnalyzer, go to Device Manager and select the FortiGates to be authorized.

  2. After a moment, the FortiGates can form a Security Fabric in the FortiAnalyzer without entering the admin credentials of the root FortiGate.

  3. Go to the FortiGate to see the FortiAnalyzer logging information.

Previous
Next