Help
FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
singhl
Staff
Staff

Created on ‎09-25-2025 10:37 PM Edited on ‎10-06-2025 12:17 AM By Moderator

Article Id 412502

Technical Tip: Configure FortiAnalyzer HA in AWS when no internet access on instances

Description

 

This article describes how to configure an HA cluster in AWS when EC2 instances are in a private network and do not have a public IP address or internet access.

 

Scope

 

FortiAnalyzer, AWS.

 

Solution

 

  1. Follow the first 7 steps from Technical Tip: Configuring FortiManager HA in AWS with VRRP and no internet access, as they are the same for FortiAnalyzer.
  2. Configure HA settings on both FortiAnalyzer instances. Make sure 'initial sync' is disabled for the instance intended to be primary and is enabled for the other.

 

Note:

 When the HA Cluster is formed, the secondary will perform a reboot and rebuild the log database. Wait for a few minutes.

 

faz_ha_setting.png

 

  1. Upload all the AWS Root CA certs to the Primary. Certificates can be downloaded from Amazontrust_repository. When HA failover happens, the private IP set as VIP will be transferred to the new primary FortiAnalyzer automatically.

 

Related document:

About FortiAnalyzer for AWS 

Labels:
146
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.