

Fortinet FortiGate Firewall Security Technical Implementation Guide

Without establishing the source of the event, it is impossible to establish, correlate, and investigate the events leading up to an outage or attack. In order to compile an accurate risk assessment and provide forensic analysis, security personnel need to know the source of the event. In addition to logging where events occur within the network, the traffic log events must also identify sources of events, such as IP addresses, processes, and node or device names.

Details

Check Text ( C-37323r611412_chk )

Log in to the FortiGate GUI with Super-Admin privilege.
Click Forward Traffic or Local Traffic.
Double-click on an Event to view Log Details.
Verify traffic log events contain source and destination IP addresses, and interfaces.

In addition to System log settings, verify that individual IPv4 policies are configured with most suitable Logging Options.
Verify all Policy rules are configured with Logging Options set to log All Sessions (for most verbose logging).
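An added example, not part of the STIG: a Python check that runs the "source and destination IP addresses, and interfaces" test over exported traffic log lines instead of one event at a time in the GUI. It assumes FortiOS key=value log syntax and the field names srcip, dstip, srcintf and dstintf, which the page itself does not list; the sample lines are constructed.

```python
import ipaddress
import shlex

# Fields the check text asks for. Names assume FortiOS key=value traffic logs.
REQUIRED = ("srcip", "dstip", "srcintf", "dstintf")


def parse_event(line):
    """Split one key=value log line into a dict, honouring quoted values."""
    fields = {}
    for token in shlex.split(line):
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value
    return fields


def _valid_ip(value):
    try:
        ipaddress.ip_address(value)  # accepts IPv4 and IPv6
        return True
    except ValueError:
        return False


def audit_event(line):
    """Return a list of problems; an empty list means the event passes."""
    try:
        ev = parse_event(line)
    except ValueError:  # unbalanced quotes in the exported line
        return ["unparseable line"]
    if ev.get("type") != "traffic":
        return ["not a traffic event"]
    problems = [f"missing {name}" for name in REQUIRED if not ev.get(name)]
    for name in ("srcip", "dstip"):
        if ev.get(name) and not _valid_ip(ev[name]):
            problems.append(f"invalid {name}: {ev[name]}")
    return problems


def audit_log(lines):
    """Map 1-based line number -> problems for every event that fails."""
    return {n: p for n, line in enumerate(lines, 1) if (p := audit_event(line))}


# Constructed sample lines (not captured from a real device).
SAMPLE = [
    'date=2024-01-15 time=10:00:01 type="traffic" subtype="forward" srcip=10.1.100.11 srcintf="port12" dstip=192.0.2.35 dstintf="port11" action="close"',
    'date=2024-01-15 time=10:00:02 type="traffic" subtype="local" srcip=10.1.100.12 dstip=192.0.2.1 dstintf="root" action="deny"',
    'date=2024-01-15 time=10:00:03 type="traffic" subtype="forward" srcip=n/a srcintf="port12" dstip=2001:db8::5 dstintf="port11" action="accept"',
]
```

Any line number returned by `audit_log` is an event that does not establish its source and would count against the check.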
