Filter
Top Products
FortiAnalyzer Version 3.0 MR7 Administration Guide
142 05-30007-0082-20080908
Connecting the FortiAnalyzer unit to analyze network traffic Network Analyzer
Figure 1: Example network topology for Network Analyzer use
To connect the FortiAnalyzer unit for use with Network Analyzer
1 Connect an Ethernet cable to a port on the FortiAnalyzer unit other than the port
used to collect device logs.
For example, if you receive logs and quarantined files on port 1, you might use
Network Analyzer on port 2. Using a separate port for sniffing prevents log and
quarantine traffic from cluttering Network Analyzer messages, and enables you to
analyze networks without tampering with network settings related to normal
logging and quarantine activity.
2 Connect the other end of the Ethernet cable to the span or mirroring port of an
Ethernet switch.
If connected to the span or mirror port of a switch, Network Analyzer will be able to
observe all traffic passing through the switch.
3 In the CLI, enable Network Analyzer on the port where you attached the Ethernet
cable by entering the commands:
config log settings
set enable_analyzer yes
end
If you are currently logged in to the web-based manager when enabling or
disabling Network Analyzer, you must log out and then log in again for the menu
changes to take effect.
4 In the web-based manager, go to System > Network > Interface.
5 If the interface you will use with Network Analyzer is currently down, select Bring
Up to enable it.
6 Select Modify for the interface you will use with Network Analyzer.
7 Enter the IP/Netmask.
8 Select OK.
You can now configure Network Analyzer settings in Tools > Network Analyzer >
Config.
Hub or
switch
Internet
Internal
network
Span/mirror
port is connected
to Network
Analyzer port