Tag Archives: fortinet fortianalyzer

Web Based Manager

Web-based Manager

This section describes general information about using the Web-based Manager to access the FortiAnalyzer system with a web browser.

This section includes the following topics:

  • System requirements
  • Connecting to the Web-based Manager
  • Web-based Manager overview
  • Web-based Manager configuration

System requirements

Web browser support

The FortiAnalyzer Web-based Manager supports the following web browsers:

  • Microsoft Internet Explorer versions 10 and 11
  • Mozilla Firefox versions 30 and 31
  • Google Chrome version 36

Other web browsers may function correctly, but are not supported by Fortinet.

Screen resolution

Fortinet recommends setting your monitor to a screen resolution of 1280×1024. This allows for all the objects in the Web-based Manager to be properly viewed.

 

 

Connecting to the Web-based Manager

The FortiAnalyzer unit can be configured and managed using the Web-based Manager or the CLI. This section will step you through connecting to the unit via the Web-based Manager.

For more information on connecting your specific FortiAnalyzer unit, read that device’s QuickStart guide.

To connect to the Web-based Manager:

  1. Connect the unit to a management computer using an Ethernet cable.
  2. Configure the management computer to be on the same subnet as the internal interface of the FortiAnalyzer unit:
    • IP address: 192.168.1.2
    • Netmask: 255.255.255.0.
  3. On the management computer, start a supported web browser and browse to https://192.168.1.99.
  4. Type admin in the User Name field, leave the Password field blank, and select Login.

You should now be able to use the FortiAnalyzer Web-based Manager.

For information on enabling administrative access protocols and configuring IP addresses, see “To edit a network interface:” on page 71.

Web-based Manager overview

The FortiAnalyzer Web-based Manager consists of four primary parts: the tab bar, the main menu bar, the tree menu, and the content pane. The content pane includes a toolbar and, in some tabs, is horizontally split into two sections. The main menu bar is only visible in certain tabs when ADOMs are disabled (see “System Information widget” on page 46).

You can use the Web-based Manager menus, lists, and configuration pages to configure most FortiAnalyzer settings. Configuration changes made using the Web-based Manager take effect immediately without resetting the FortiAnalyzer system or interrupting service.

The Web-based Manager also includes online help, accessed by selecting the help icon in the right side of the tab bar.

Tab bar

The Web-based Manager tab bar contains the device model, the available tabs, the Help button and the Log Out button.

Figure 3: The tab bar

Device Manager Manage groups, devices, and VDOMs, and view real-time monitor data.

See “Device Manager” on page 32.

FortiView Drill down top sources, top applications, top destinations, top web sites, top threats, and top cloud applications. This tab was implemented to match the FortiView implementation in FortiGate.

The Log View tab is found in the FortiView tab. View logs for managed devices. You can display, download, import, and delete logs on this page.

See “FortiView” on page 115.

Event Management Configure and view events for managed log devices.

See “Event Management” on page 151.

This tab is not available when the unit is in Collector mode. See “Operation modes” on page 15 for more information.

Reports Configure report templates, schedules, and output profiles, and manage charts and datasets.

See “Reports” on page 165.

This tab is not available when the unit is in Collector mode. See “Operation modes” on page 15 for more information.

System Settings Configure system settings such as network interfaces,

administrators, system time, server settings, and others. You can also perform maintenance and firmware operations.

See “System Settings” on page 42.

 Change Password Select to change the password. Restricted_User and Standard_User admin profiles do not have access to the System Settings tab. An administrator with either of these admin profiles will see the change password icon in the navigation pane.
 Help Open the FortiAnalyzer online help.
 Log Out Log out of the Web-based Manager.

Tree menu

The Web-based Manager tree menu is on the left side of the window. The content in the menu varies depending on which tab is selected and how your FortiAnalyzer unit is configured.

Some elements in the tree menu can be right-clicked to access different configuration options.

Content pane

The content pane is on the right side of the window. The information changes depending on which tab is being viewed and what element is selected in the tree menu. The content pane of the Log View and Reports tabs are split horizontally into two frames.

Web-based Manager configuration

Global settings for the Web-based Manager apply regardless of which administrator account you use to log in. Global settings include the idle timeout, TCP port number on which the Web-based Manager listens for connection attempts, the network interface(s) on which it listens, and the language of its display.

This section includes the following topics:

  • Language support
  • Administrative access
  • Restricting access by trusted hosts
  • Idle timeout

Language support

The Web-based Manager supports multiple languages; the default language setting is Auto Detect. Auto Detect uses the language configured on your management computer. If that language is not supported, the Web-based Manager will default to English.

You can change the Web-based Manager language to English, Simplified Chinese, Traditional Chinese, Japanese, or Korean. For best results, you should select the language that the management computer operating system uses.

To change the Web-based Manager language:

  1. Go to System Settings > Admin > Admin Settings.

Figure 4: Administration settings

  1. In the Language field, select a language from the drop-down list, or select Auto Detect to use the same language as configured for your management computer.
  2. Select Apply.

The following table lists FortiAnalyzer language support information.

Table 3: Language support

Language Web-based Manager Reports Documentation
English a a a
French   a  
Spanish   a  
Portuguese   a  
Korean a a  
Chinese (Simplified) a a  
Chinese (Traditional) a a  
Japanese a a  
Russian   a  
Hebrew   a  
Hungarian   a  

To change the FortiAnalyzer language setting, go to System Settings > Admin > Admin Settings, in Administrative Settings > Language select the desired language on the drop-down menu. The default value is Auto Detect.

Russian, Hebrew, and Hungarian are not included in the default report languages. You can import language translation files for these languages via the command line interface using one of the following commands:

execute sql-report import-lang <language name> <ftp> <server IP address> <user name> <password> <file name> execute sql-report import-lang <language name> <sftp <server IP address> <user name> <password> <file name> execute sql-report import-lang <language name> <scp> <server IP address> <user name> <password> <file name> execute sql-report import-lang <language name> <tftp> <server IP address> <file name>

For more information, see the FortiAnalyzer CLI Reference available from the Fortinet Document Library.

Administrative access

Administrative access enables an administrator to connect to the system to view and change configuration settings. The default configuration of your system allows administrative access to one or more of the interfaces of the unit as described in the QuickStart and installation guides for your device.

Administrative access can be configured in IPv4 or IPv6 and includes settings for: HTTPS, HTTP, PING, SSH (Secure Shell), TELNET, SNMP, Web Service, and Aggregator.

To change administrative access:

  1. Go to System Settings > Network.

By default, port1 settings will be presented. To configure administrative access for a different interface, select All Interfaces, and then select the interface from the list.

  1. Set the IPv4 IP/Netmask or the IPv6 Address, select one or more Administrative Access types for the interface, and set the default gateway and Domain Name System (DNS) servers.

Figure 5: Network management interface

  1. Select Apply to finish changing the access settings.

For more information, see “Network” on page 69.

Restricting access by trusted hosts

To prevent unauthorized access to the Web-based Manager you can configure administrator accounts with trusted hosts. With trusted hosts configured, the admin user can only log in to the Web-based Manager when working on a computer with the trusted host as defined in the admin account.

For more information, see “Administrator” on page 75.

Idle timeout

By default, the Web-based Manager disconnects administrative sessions if no activity takes place for fifteen minutes. This idle timeout is recommended to prevent someone from using the Web-based Manager from a PC that is logged in and then left unattended.

To change the Web-based Manager idle timeout:

  1. Go to System Settings > Admin > Admin Settings (see Figure 4 on page 22).
  2. Change the Idle Timeout minutes as required.
  3. Select Apply to save the setting.

For more information, see “Administrator settings” on page 86.

Reboot and shutdown the FortiAnalyzer unit

Always reboot and shutdown the FortiAnalyzer system using the unit operation options in the Web-based Manager or the CLI to avoid potential configuration problems.

Figure 6: Unit operation actions in the Web-based Manager

To reboot the FortiAnalyzer unit:

  1. In the Web-based Manager, go to System Settings > Dashboard.
  2. In the Unit Operation widget, select Reboot or, in the CLI Console widget, enter: execute reboot The system will be rebooted.

Do you want to continue? (y/n)

  1. Select y to continue. The FortiAnalyzer system will be rebooted.

To shutdown the FortiAnalyzer unit:

  1. In the Web-based Manager, go to System Settings > Dashboard.
  2. In the Unit Operation widget, select Shutdown or, in the CLI Console widget, enter: execute shutdown The system will be halted.

Do you want to continue? (y/n)

  1. Select y to continue. The FortiAnalyzer system will be shut down.

To reset the FortiAnalyzer unit:

  1. In the CLI Console widget, enter:

execute reset all-settings This operation will reset all settings to factory defaults

Do you want to continue? (y/n)

  1. Select y to continue. The device will reset to factory default settings and reboot.

To reset logs and re-transfer all logs into the database:

  1. In the CLI Console widget, enter:

execute reset-sqllog-transfer WARNING: This operation will re-transfer all logs into database.

Do you want to continue? (y/n)

  1. Select y to continue.