Fortinet 3.0 MR7 Network Card User Manual


 
Network Analyzer Connecting the FortiAnalyzer unit to analyze network traffic
FortiAnalyzer Version 3.0 MR7 Administration Guide
05-30007-0082-20080908 141
Network Analyzer
Network Analyzer can be used as an enhanced local network traffic sniffer to
diagnose areas of the network where firewall policies may require adjustment, or
where traffic anomalies occur.
Network Analyzer logs all traffic seen by the interface for which it is enabled. If
that network interface is connected to the span port of a switch, observed traffic
will include all traffic sent through the switch by other hosts. You can then locate
traffic which should be blocked, or which contains other anomalies.
All captured traffic information is saved to the FortiAnalyzer hard disk. You can
then display this traffic information directly, search it, or generate reports from it.
This section describes how to enable and view traffic captured by the Network
Analyzer. It also describes Network Analyzer log storage configuration options.
Network Analyzer is not visible in Tools > Network Analyzer until enabled in the
CLI. To enable Network Analyzer, access the CLI and enter the commands:
config log settings
set enable_analyzer yes
end
If you are currently logged in to the web-based manager when enabling or
disabling Network Analyzer, you must log out and then log in again for the menu
changes to take effect.
This section includes the following topics:
Connecting the FortiAnalyzer unit to analyze network traffic
Viewing Network Analyzer log messages
Browsing Network Analyzer log files
Customizing the Network Analyzer log view
Searching the Network Analyzer logs
Rolling and uploading Network Analyzer logs
Connecting the FortiAnalyzer unit to analyze network traffic
To sniff traffic with the FortiAnalyzer unit, you usually first connect it to the
span (or mirroring) port of an Ethernet switch. Both the management and sniffing
ports can be connected to the same switch.
Note: Network Analyzer is available on all FortiAnalyzer units except the FortiAnalyzer-100.