Hot!Configure FortiAnalyzer via FQDN

Author
Celio di Cavalcanti
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/08/19 20:35:46
  • Status: offline
2018/08/19 20:43:36 (permalink)
0

Configure FortiAnalyzer via FQDN

Allow in FortiGate to also configure FortiAnalyzer via FQDN. This way we can make high availability via DNS or reverse proxy for example.

set server FQDN or IP Address

Regards,

Celio di Cavalcanti
#1
jklapas
Bronze Member
  • Total Posts : 28
  • Scores: 0
  • Reward points: 0
  • Joined: 2017/06/20 05:05:23
  • Status: offline
Re: Configure FortiAnalyzer via FQDN 2018/08/19 23:34:59 (permalink)
0
 
 
 
Hi
I suppose that this is not your case. I you where able to (for examlple) to load balance logs between to FAZ then you would come to a point that some of logs would be in 1st FAZ and the rest in 2nd FAZ where from forensics point of view is not good idea.
 
a. If you have 2 Fortianalyzer Devices, you can configure Fortigate to push on both devices.
except from these
 
b. Fortianalyzer has a function of the first Fortianalyzer to be in Analyzer Mode and another on Collector mode . That means that Analyzer pushes to Collector.
 
c. Another option is that if your FAZ is a VM machine you can have a second instance in suspend mode with the same IP in DR site (via Layer 2 or NAT communication).
 
 Follows FAZ modes comparison/capabilities
 https://www.fortinetguru.com/2016/03/feature-comparison-between-analyzer-and-collector-mode-fortianalyzer-5-2/
#2
Jump to:
© 2018 APG vNext Commercial Version 5.5