Skip to main content
ush0o
ush0o
New Member
September 11, 2019
Solved

Do I need Fortianalyser with Fortigate for logging and repoting?

  • September 11, 2019
  • 1 reply
  • 2853 views

Hi All Members, 

 

I have question regarting logging and reporting features, 

 

I want to buy Fortigate300E but before buying i want ask few questions , 

 

i'm not sure if Fortigate300E has an Active Directory Connector and if we can authenticate users through native AD or at least LDAP. Need suggestions about it 

 

and secondly 

 

If i buy Fortigate300E do i also need to buy fortianalyzer or fortimanager for logging , reporting and monitoring ? 

 

thanks 

    Best answer by emnoc

    1st part yes you can authenticate via ldap to msad or native ldap

     

    e.g ( my home FWF60D uses jumpcloud )

    socpuppetfw # show user ldap config user ldap    edit "jumpcloud"        set server "52.23.54.171"        set cnid "uid"        set dn "ou=Users,o=xxxxxxxxxx0d797dab1268,dc=jumpcloud,dc=com"        set type regular        set username "uid=ldap,ou=Users,o=xxxxxxxxx0d797dab1268,dc=jumpcloud,dc=com"        set password ENC 1os+j8PFN0VIXT4iR1S3mdJ0faTawVMgGitLSs6Qwhkh48YIHoMCUPHN0skHn9paREnIft4SXZwszT9rdVKH+kkpvgyeP4Th8U/IZuyKUTWSYvlCKnbPadFFZMR+roF71o1MFade+TVpryUmjKtzEypI6C8NumAm+pfYsIdHQcT8l9E4It5fsNbpcoMQspJX7hrdDQ==        set secure ldaps        set port 636    nextend On the 2nd part, NO fortimanger or analyzer are not mandatory. Now if you want a single plane to  use for mgt and log , than yes buy one  but be aware of the limits in number or registered devices and log-space. I would not buy if you only have 1 FGT300E or a cluster. In fact for logging, I would not even spend dollars on Analyzer but use  splunk. FTNT is spported in splunkbase and it works great. read this to see just how easy it is ;) https://www.fortinet.com/content/dam/fortinet/assets/alliances/Fortinet-Splunk-Deployment-Guide.pdf Ken Felix 

    1 reply

    emnoc
    emnocAnswer
    New Member
    September 11, 2019

    1st part yes you can authenticate via ldap to msad or native ldap

     

    e.g ( my home FWF60D uses jumpcloud )

    socpuppetfw # show user ldap config user ldap    edit "jumpcloud"        set server "52.23.54.171"        set cnid "uid"        set dn "ou=Users,o=xxxxxxxxxx0d797dab1268,dc=jumpcloud,dc=com"        set type regular        set username "uid=ldap,ou=Users,o=xxxxxxxxx0d797dab1268,dc=jumpcloud,dc=com"        set password ENC 1os+j8PFN0VIXT4iR1S3mdJ0faTawVMgGitLSs6Qwhkh48YIHoMCUPHN0skHn9paREnIft4SXZwszT9rdVKH+kkpvgyeP4Th8U/IZuyKUTWSYvlCKnbPadFFZMR+roF71o1MFade+TVpryUmjKtzEypI6C8NumAm+pfYsIdHQcT8l9E4It5fsNbpcoMQspJX7hrdDQ==        set secure ldaps        set port 636    nextend On the 2nd part, NO fortimanger or analyzer are not mandatory. Now if you want a single plane to  use for mgt and log , than yes buy one  but be aware of the limits in number or registered devices and log-space. I would not buy if you only have 1 FGT300E or a cluster. In fact for logging, I would not even spend dollars on Analyzer but use  splunk. FTNT is spported in splunkbase and it works great. read this to see just how easy it is ;) https://www.fortinet.com/content/dam/fortinet/assets/alliances/Fortinet-Splunk-Deployment-Guide.pdf Ken Felix 

    ush0o
    ush0oAuthor
    New Member
    September 16, 2019

    Thanks a lot for great explanation about my question.

    Terms & ConditionsAccessibility statement