Chapter 10 – FortiView

WHOIS Lookup anchor for public IPv4 addresses

Reverse IP lookup is now possible in FortiOS 5.4. A WHOIS lookup icon is available when you mouse over a public IP address in a FortiView log. If you left-click on the lookup icon, a new tab is opened in your browser for www.networksolutions.com, and a lookup is performed on the selected IP address (this option persists after drilling down one level in FortiView).

 

FortiGuard Cloud App DB identification

FortiView now recognizes FortiGuard Cloud Application database traffic, which is mainly monitored and validated by FortiFlow, an internal application that identifies cloud applications based on IP, Port, and Protocol. Administrators can potentially use this information for WAN Link Load Balancing, for example.

 

7-day time display

In FortiOS 5.4, the following FortiGate models now support 7-day time display:

  • FortiGate 1000D
  • FortiGate 1500D
  • FortiGate 3700DX
  • FortiGate 3700D

 

The option for 7-day time display, however, can only be configured in the CLI using the following command:

config log setting
    set fortiview-weekly-data {enable|disable}
end


New Features

NP4 and NP6 icons showing accelerated sessions (282180):

When viewing sessions in the All Sessions console, information pertaining to NP4/NP6 acceleration is now reflected via an appropriate icon. The tooltip for the icon includes the NP chip type and its total number of accelerated sessions.


Filtering on accelerated sessions (282180):

In addition to NP4/NP6 icons, you can now filter the console on ‘FortiASIC’ (‘Accelerated’ versus ‘Not Accelerated’) sessions.

 

WHOIS Lookup anchor for public IPv4 addresses (282701):

Reverse IP lookup is now possible in FortiOS 5.4. A WHOIS lookup icon is available when you mouse over a public IP address in a FortiView log. If you left-click on the lookup icon, a new tab is opened in your browser for www.networksolutions.com, and a lookup is performed on the selected IP address (this option persists after drilling down one level in FortiView).

 

New Report database construction (280398 267019):

This will improve performance with reports and FortiView without requiring any configuration changes.

 

Added a Timeline graph for admin events (271389)

Improved monitoring of traffic shapers; added traffic shaping to FortiView (290363)

Failed Authentication Attempts are now visible in FortiView (265890)

Added bandwidth column to FortiView (260896)

FortiView now displays Quarantine Source and appropriate icon in lists (289206)

This entry was posted in FortiOS 5.4 Handbook.

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).
