Description
This article describes the steps required to use an Identity Based Policy so that user names are included in logs. User authentication in FortiOS 4.0 makes the use of an Identity Based Policy possible. The benefit of an Identity Based Policy, over and above being able to finely control access, is that if logging is enabled, the log will show the user. For normal policies the user field will be empty, although the IM logs will contain the user's IM name.
Application Control Statistics page
Solution
To enable Statistics Logging in Application Control:
1. Go to UTM > Application Control and select Create New.
2. Select a Category.
3. Select an Application and select OK.
4. Go to Firewall > Protection Profile and select Edit for the protection profile in which you want the application control.
5. Select the blue arrow for Application Control to expand the options, select the new profile you created above, and select OK.
6. Create a new User Group to be used in Authentication. This will be used later in an Identity Based Policy. Go to User > Local, and select Create New to create a new group.
7. Go to Firewall > Policy, and select Edit for the required firewall policy.
8. Select Enable Identity Based Policy and select Add to create this new policy and its details.
9. Select Add for the Identity Based Policy and select authentication using the group created.
10. Ensure the correct Protection Profile is also selected.
11. Select a Service, select Log Allowed Traffic and select OK.
Statistics will now appear in the statistics page when you go to UTM > Application Control > Statistics.
NOTE: Application statistics can be shown without logging specific user IDs. To do this, specify the profile in a normal (non-Identity-Based) policy.
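
To confirm from exported logs that the policy now records user names, the following added example (not part of the original article and not Fortinet tooling) counts, per firewall policy, the log entries with and without a user. The sample log lines are constructed, and the field names policyid and user and the N/A placeholder are assumptions about the log format.

```python
import re
from collections import defaultdict

# Constructed sample lines in key=value style. The field names (policyid, user)
# and the N/A placeholder are assumptions made for this example.
SAMPLE_LOGS = '''\
date=2010-03-01 time=10:15:02 type=traffic subtype=allowed policyid=3 user="jsmith" group="staff" src=10.0.0.21 dst=192.0.2.10 service=HTTP
date=2010-03-01 time=10:15:09 type=traffic subtype=allowed policyid=3 user="a lee" group="staff" src=10.0.0.22 dst=192.0.2.10 service=HTTP
date=2010-03-01 time=10:16:40 type=traffic subtype=allowed policyid=5 user=N/A group=N/A src=10.0.0.30 dst=192.0.2.44 service=HTTPS
date=2010-03-01 time=10:17:11 type=traffic subtype=allowed policyid=5 src=10.0.0.31 dst=192.0.2.44 service=HTTPS
date=2010-03-01 time=10:18:00 type=traffic subtype=allowed policyid=7 user="" src=10.0.0.23 dst=192.0.2.10 service=HTTP
'''

# key=value where the value is a quoted string (may contain spaces) or a bare token
PAIR_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S*))')
NO_USER = {"", "n/a"}  # values treated as "no user recorded"

def parse_line(line):
    """Return the key=value fields of one log line as a dict."""
    return {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
            for m in PAIR_RE.finditer(line)}

def user_coverage(log_text):
    """Per policy ID: counts of attributed/anonymous entries and the users seen."""
    stats = defaultdict(lambda: {"attributed": 0, "anonymous": 0, "users": set()})
    for line in log_text.splitlines():
        fields = parse_line(line)
        if "policyid" not in fields:
            continue  # entry is not tied to a firewall policy
        entry = stats[fields["policyid"]]
        user = fields.get("user", "").strip()
        if user.lower() in NO_USER:
            entry["anonymous"] += 1
        else:
            entry["attributed"] += 1
            entry["users"].add(user)
    return dict(stats)

def policies_missing_users(log_text):
    """Policy IDs that logged at least one entry without a user name."""
    return sorted(p for p, s in user_coverage(log_text).items() if s["anonymous"])

if __name__ == "__main__":
    for policy, s in sorted(user_coverage(SAMPLE_LOGS).items()):
        print(policy, s["attributed"], s["anonymous"], sorted(s["users"]))
    print("policies with unattributed entries:", policies_missing_users(SAMPLE_LOGS))
```

A policy that still appears in the second list after the change is either a normal policy or traffic that matched before authentication was enforced.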