Fortinet black logo

External Systems Configuration Guide

Juniper Networks Steel-Belted RADIUS

Juniper Networks Steel-Belted RADIUS

What is Discovered and Monitored

Protocol

Information discovered

Metrics collected

Used for

SNMP

Application type

Process level CPU utilization, Memory utilization

Performance Monitoring

WMI

Application type, service mappings

Process level metrics: uptime, CPU Utilization, Memory utilization, Read I/O, Write I/O

Performance Monitoring

Syslog

Application type

Successful and Failed Authentications, Successful and Failed administrative logons, RADIUS accounting logs

Security Monitoring and compliance

Event Types

In ADMIN > Device Support > Event, search for "Juniper Steel-Belted RADIUS" in the Device Type column to see the event types associated with this device.

Configuration

SNMP

FortiSIEM uses SNMP to discover and monitor this device. Make sure SNMP is enabled for the device as directed in its product documentation. For more information, refer to sections "Discovery Settings" and "Setting Credentials" in the User Guide.

Syslog

  1. Login as administrator.
  2. Install and configure Epilog application to convert log files written by Steelbelted RADIUS server into syslogs for sending to FortiSIEM:
    1. Download Epilog from Epilog download site and install it on your Windows Server.
    2. Launch Epilog from Start→All Programs→InterSect Alliance→Epilog for windows.
    3. Configure Epilog application as follows:
      1. Select Log Configuration on left hand panel, click Add button to add log files whose content must be sent to FortiSIEM. These log files are written by the Steelbelted RADIUS server and their paths are correct. Also make sure the Log Type is SteelbeltedLog.
      2. Select Network Configuration on left hand panel. On the right, set the destination address to that of FortiSIEM server, port to 514 and make sure that syslog header is enabled. Then click Change Configuration button.
      3. Click the "Apply the latest audit configuration" link on the left hand side to apply the changes to Epilog applications. DHCP logs will now sent to FortiSIEM in real time.

Juniper Networks Steel-Belted RADIUS

What is Discovered and Monitored

Protocol

Information discovered

Metrics collected

Used for

SNMP

Application type

Process level CPU utilization, Memory utilization

Performance Monitoring

WMI

Application type, service mappings

Process level metrics: uptime, CPU Utilization, Memory utilization, Read I/O, Write I/O

Performance Monitoring

Syslog

Application type

Successful and Failed Authentications, Successful and Failed administrative logons, RADIUS accounting logs

Security Monitoring and compliance

Event Types

In ADMIN > Device Support > Event, search for "Juniper Steel-Belted RADIUS" in the Device Type column to see the event types associated with this device.

Configuration

SNMP

FortiSIEM uses SNMP to discover and monitor this device. Make sure SNMP is enabled for the device as directed in its product documentation. For more information, refer to sections "Discovery Settings" and "Setting Credentials" in the User Guide.

Syslog

  1. Login as administrator.
  2. Install and configure Epilog application to convert log files written by Steelbelted RADIUS server into syslogs for sending to FortiSIEM:
    1. Download Epilog from Epilog download site and install it on your Windows Server.
    2. Launch Epilog from Start→All Programs→InterSect Alliance→Epilog for windows.
    3. Configure Epilog application as follows:
      1. Select Log Configuration on left hand panel, click Add button to add log files whose content must be sent to FortiSIEM. These log files are written by the Steelbelted RADIUS server and their paths are correct. Also make sure the Log Type is SteelbeltedLog.
      2. Select Network Configuration on left hand panel. On the right, set the destination address to that of FortiSIEM server, port to 514 and make sure that syslog header is enabled. Then click Change Configuration button.
      3. Click the "Apply the latest audit configuration" link on the left hand side to apply the changes to Epilog applications. DHCP logs will now sent to FortiSIEM in real time.