Fortinet black logo

Administration Guide

Components

Components

The end-customer's FortiGate devices are managed by one or more FortiManagers. Optionally, logs from the FortiGate devices can be gathered by one or more FortiAnalyzers. The portal aggregates the FortiAnalyzer logs into a central database and performs security analytics on the logs.

The portal provides an administrative web interface (for the administrative staff) and a customer web interface (for the end customers).

Collector and FortiAnalyzer modes

Starting in FortiPortal 5.2.0, you can go to Admin > Settings and select FortiAnalyzer or Collector for the Analytics Data Source setting. This setting changes the display of the Customers page, Add Customer form, and Edit Customer form for administrators. For end customers, this setting changes the display of the dashboard, Reports page, and View page.

Fortinet strongly recommends using FortiAnalyzer mode for new FortiPortal installations. FortiAnalyzer mode is a much simpler deployment and provides equivalent functionality to Collector mode.

Use https://mysqlbackupftp.com to back up the portal and collector database before switching from Collector mode to FortiAnalyzer mode. After you switch modes, the collector database is deleted.

If you select Collector, FortiPortal operates in Collector mode and uses collectors to collect logs from FortiAnalyzer and store the logs in collector databases.

If you select FortiAnalyzer, FortiPortal operates in FortiAnalyzer mode and collects logs directly from FortiAnalyzer. To use FortiAnalyzer mode, you must be running FortiAnalyzer 6.0 or later.

  • When FortiPortal software is upgraded, the system is in Collector mode by default. When FortiPortal software is installed for the first time (starting in FortiPortal 5.2.0), the system is in FortiAnalyzer mode by default.
  • The collector accepts only plain Syslog format, which is not encrypted. When logs are forwarded to the collector in FortiAnalyzer mode, the collector might have trouble processing them.

Collector mode

The following figure shows the FortiPortal components in Collector mode and a typical customer network.

The FortiPortal solution includes the following components in Collector mode:

  • Collector: virtual appliance:
    • Manages logs sent from the FortiGate devices
    • FortiPortal can include more than one collector
  • Collector database: MySQL database:
    • Physical or virtual server provided by the administrator
    • The collector stores the logs in this database
    • FortiPortal can include more than one collector database
  • Portal: virtual appliance:
    • Provides the administrator web interface and the customer web interface.
    • Uses the FortiManager API to manage devices, objects, and policies
    • FortiPortal includes only one portal (however, the portal can consist of multiple VM instances for redundancy and/or scalability)
  • Portal database: MySQL database:
    • Physical or virtual server provided by the administrator
    • The portal aggregates the logs into this database
    • FortiPortal includes only one portal database

The customer web interface enables each end customer to access/analyze their data and administer their service. For additional information about the customer web interface, see the FortiPortal User Guide (which is also available by selecting the help button in the customer web interface).

The administrative web service allows the administrator to configure the services for each end customer, and to manage the overall cloud service.

FortiAnalyzer mode

The following figure shows the FortiPortal components in FortiAnalyzer mode and a typical customer network.

The FortiPortal solution includes the following components in FortiAnalyzer mode:

  • Portal: virtual appliance:
    • Provides the administrator web interface and the customer web interface.
    • Uses the FortiManager API to manage devices, objects, and policies
    • FortiPortal includes only one portal (however, the portal can consist of multiple VM instances for redundancy and/or scalability)
  • Portal database: MySQL database:
    • Physical or virtual server provided by the administrator
    • The portal aggregates the logs into this database
    • FortiPortal includes only one portal database

The customer web interface enables each end customer to access/analyze their data and administer their service. For additional information about the customer web interface, see the FortiPortal User Guide (which is also available by selecting the help button in the customer web interface).

The administrative web service allows the administrator to configure the services for each end customer, and to manage the overall cloud service.

Components

The end-customer's FortiGate devices are managed by one or more FortiManagers. Optionally, logs from the FortiGate devices can be gathered by one or more FortiAnalyzers. The portal aggregates the FortiAnalyzer logs into a central database and performs security analytics on the logs.

The portal provides an administrative web interface (for the administrative staff) and a customer web interface (for the end customers).

Collector and FortiAnalyzer modes

Starting in FortiPortal 5.2.0, you can go to Admin > Settings and select FortiAnalyzer or Collector for the Analytics Data Source setting. This setting changes the display of the Customers page, Add Customer form, and Edit Customer form for administrators. For end customers, this setting changes the display of the dashboard, Reports page, and View page.

Fortinet strongly recommends using FortiAnalyzer mode for new FortiPortal installations. FortiAnalyzer mode is a much simpler deployment and provides equivalent functionality to Collector mode.

Use https://mysqlbackupftp.com to back up the portal and collector database before switching from Collector mode to FortiAnalyzer mode. After you switch modes, the collector database is deleted.

If you select Collector, FortiPortal operates in Collector mode and uses collectors to collect logs from FortiAnalyzer and store the logs in collector databases.

If you select FortiAnalyzer, FortiPortal operates in FortiAnalyzer mode and collects logs directly from FortiAnalyzer. To use FortiAnalyzer mode, you must be running FortiAnalyzer 6.0 or later.

  • When FortiPortal software is upgraded, the system is in Collector mode by default. When FortiPortal software is installed for the first time (starting in FortiPortal 5.2.0), the system is in FortiAnalyzer mode by default.
  • The collector accepts only plain Syslog format, which is not encrypted. When logs are forwarded to the collector in FortiAnalyzer mode, the collector might have trouble processing them.

Collector mode

The following figure shows the FortiPortal components in Collector mode and a typical customer network.

The FortiPortal solution includes the following components in Collector mode:

  • Collector: virtual appliance:
    • Manages logs sent from the FortiGate devices
    • FortiPortal can include more than one collector
  • Collector database: MySQL database:
    • Physical or virtual server provided by the administrator
    • The collector stores the logs in this database
    • FortiPortal can include more than one collector database
  • Portal: virtual appliance:
    • Provides the administrator web interface and the customer web interface.
    • Uses the FortiManager API to manage devices, objects, and policies
    • FortiPortal includes only one portal (however, the portal can consist of multiple VM instances for redundancy and/or scalability)
  • Portal database: MySQL database:
    • Physical or virtual server provided by the administrator
    • The portal aggregates the logs into this database
    • FortiPortal includes only one portal database

The customer web interface enables each end customer to access/analyze their data and administer their service. For additional information about the customer web interface, see the FortiPortal User Guide (which is also available by selecting the help button in the customer web interface).

The administrative web service allows the administrator to configure the services for each end customer, and to manage the overall cloud service.

FortiAnalyzer mode

The following figure shows the FortiPortal components in FortiAnalyzer mode and a typical customer network.

The FortiPortal solution includes the following components in FortiAnalyzer mode:

  • Portal: virtual appliance:
    • Provides the administrator web interface and the customer web interface.
    • Uses the FortiManager API to manage devices, objects, and policies
    • FortiPortal includes only one portal (however, the portal can consist of multiple VM instances for redundancy and/or scalability)
  • Portal database: MySQL database:
    • Physical or virtual server provided by the administrator
    • The portal aggregates the logs into this database
    • FortiPortal includes only one portal database

The customer web interface enables each end customer to access/analyze their data and administer their service. For additional information about the customer web interface, see the FortiPortal User Guide (which is also available by selecting the help button in the customer web interface).

The administrative web service allows the administrator to configure the services for each end customer, and to manage the overall cloud service.