FortiManager

Version: FortiManager version 6.2.0 and later

FortiManager appliance allows you to centrally manage many Fortinet devices from a few to thousands, including FortiGate, FortiWiFi, FortiCarrier, FortiMail, and FortiAnalyzer appliances and virtual appliances, as well as FortiClient endpoint security agents.

Netsurion, when integrated with FortiManager, enables users to view critical information related to activities performed in FortiManager or other Fortinet devices. This information is represented in the form of report, alert and graphical/ pictorial representation(dashboard).

Flex reports contain a detailed overview of activities like managed-devices login/ logout, login failed, deployment manager events, events associated with high availability for Forti devices, etc.

Alerts are provided as soon as any critical events are triggered by FortiManager. Such as, login failed, system/ managed device unexpected reboot and shutdown, etc.

From visual representation/ overview of top activities being performed in FortiManager to unauthorized user access (failed) can be viewed on Netsurion dashboard.

Netsurion monitors all the FortiManager events from services like system manager, Fortiguard service events, managed device operations, etc., they are given as below.

  • Security – User login fail (Web service), User login fail (SSH auth), etc.
  • Compliance – Device configuration operations, FortiGate-FortiManager protocol operations, etc.
  • Operation - System login events, System manager events, High Availability status changes.

Once FortiManager is configured to deliver events to Netsurion Manager; alerts, dashboards, and reports can be configured into Netsurion.

Some of the Data Source Integrations available in Netsurion are listed below.

Alerts

Type Name Description
Security FortiManager - unexpected system rebooted triggered This alert is triggered when there is an unexpected/ unplanned system reboot occurs in FortiManager.
Security FortiManager - unexpected device rebooted triggered This alert is triggered when there is an unexpected/ unplanned system reboot occurs in any Forti device.
Security FortiManager - unexpected device shutdown triggered This alert is triggered when there is an unexpected/ unplanned system shutdown occurs in any Forti device.
Security FortiManager - unexpected system shutdown triggered This alert is triggered when there is an unexpected/ unplanned system shutdown that occurs in FortiManager.
Security FortiManager - User login fail (SSH auth) detected This alert is triggered when an SSH authentication failure is detected by FortiManager
Security FortiManager - User login fail (Web service) detected This alert is triggered when a user fails to provide valid authorization via the web-based user interface.
Operations FortiManager - Log daemon fluctuation detected This alert is triggered when the FortiManager log daemon frequently fluctuates. i.e. series of log daemon up/down events.

Reports

Type Name Description
Security FortiManager - web service (Login Error) This report includes a summary of the failed login of a user via the web-based user interface.
Operations FortiManager - High availability events High availability events are the events considered for a peer/ backup device for the primary FortiManager appliance. This report will display the peer devices up/ down status (if any).
Operations FortiManager - System manager events System management includes events associated with the devices/ system present in the network or associated with FortiManager.
Operations FortiManager - Managed device operations Managed device operations include events such as unexpected/ unplanned reboot and shut down by Forti devices.
Operations FortiManager - Deployment manager operations This report provides information about the process of deployment. It shows information about the failure or success status of the deployment.
Operations FortiManager - Device Manager operations This report includes events related to FortiManager device activities.
Operations FortiManager - Log daemon UP/ Down events This report includes a summary of logging daemon status up/down and reason.
Compliance FortiManager - FGFM protocol operations This report includes events related to FortiGate-FortiManager protocol operations.
Compliance FortiManager - Device configuration changes Device configuration operation includes events where the new configuration is added or updated on the existing objects.

Documentation

The configuration details are consistent with Netsurion version 9.x and later, and FortiManager v6.2.0 and later.

Download Integration Guide and How-to Guide for more information and to configuration instructions.

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our Privacy Statement to learn more.

I Accept