Fortinet black logo

FortiVoice Cookbook

Monitoring and reporting

Copy Link
Copy Doc ID d2dfda4a-8cb7-11eb-a7dc-00505692583a:156961
Download PDF

Monitoring and reporting

There are many tools within FortiVoice to help manage your security settings and help protect your system.

This section includes the following topics:

Administrator alerts

Administrators can be notified by email of system alerts when FortiVoice detects suspicious activity, such as a SIP attack.

  1. Go to Log & Report > Alert > Configuration and click New.
  2. Enter the administrator's email address and click Create.
  3. Go to Log & Report > Alert > Category.
  4. Under Alert Email Setting, enable Massive SIP authentication failure, and click Apply.

Call detail reports

Reports can be generated and downloaded for greater call inspection, such as for looking into details concerning blocked or denied calls.

  1. Go to Log & Report > Call Report > Call Report.
  2. Select the appropriate call report and click Generate.
  3. A dialog window appears letting you know that the report has been started. Click OK.
  4. Click View Report, where you are redirected to Monitor > Call Report > Report.
  5. Expand the report generated to view the various components of the report. Select the whole report and click Download and either Download PDF, Download HTML, or Download CSV.

SIP password auditor

Frequently review the SIP password audits to make sure that SIP passwords for extensions are secure. Make sure that Password/PIN Policy is enabled under Security > Password Policy > Password/PIN Policy, and that the password policy is applied to SIP users.

  1. Go to Security > Password Policy > Password Auditor.
  2. Review the list of extensions to see whether their password and PIN strengths meet the password policy requirements.

Intrusion detection

Intrusion detection lets you manually add IPs to be exempted from being blocked, remove system added exempt IPs if you find them suspicious, and configure intrusion detection settings.

  1. Go to Security > Intrusion Detection > Setting and set Status to Enable.

Monitoring and reporting

There are many tools within FortiVoice to help manage your security settings and help protect your system.

This section includes the following topics:

Administrator alerts

Administrators can be notified by email of system alerts when FortiVoice detects suspicious activity, such as a SIP attack.

  1. Go to Log & Report > Alert > Configuration and click New.
  2. Enter the administrator's email address and click Create.
  3. Go to Log & Report > Alert > Category.
  4. Under Alert Email Setting, enable Massive SIP authentication failure, and click Apply.

Call detail reports

Reports can be generated and downloaded for greater call inspection, such as for looking into details concerning blocked or denied calls.

  1. Go to Log & Report > Call Report > Call Report.
  2. Select the appropriate call report and click Generate.
  3. A dialog window appears letting you know that the report has been started. Click OK.
  4. Click View Report, where you are redirected to Monitor > Call Report > Report.
  5. Expand the report generated to view the various components of the report. Select the whole report and click Download and either Download PDF, Download HTML, or Download CSV.

SIP password auditor

Frequently review the SIP password audits to make sure that SIP passwords for extensions are secure. Make sure that Password/PIN Policy is enabled under Security > Password Policy > Password/PIN Policy, and that the password policy is applied to SIP users.

  1. Go to Security > Password Policy > Password Auditor.
  2. Review the list of extensions to see whether their password and PIN strengths meet the password policy requirements.

Intrusion detection

Intrusion detection lets you manually add IPs to be exempted from being blocked, remove system added exempt IPs if you find them suspicious, and configure intrusion detection settings.

  1. Go to Security > Intrusion Detection > Setting and set Status to Enable.