Hi,
I have multiple policies in my firewalls that use service groups (at least 15-20 tcp/udp ports). I want to know if there's a way, besides logging everything and waiting, to know the hits on each port from a specific policy? I know there's the hit count number that sums all hits on every single port used in that group/policy, but I want to know for each port separately.
Thank you,
Fortigate : 80E, 80F, 100E, 200F, 300E : 6.4.6
FortiAnalyzer, ForticlientEMS
If you have a unique policy with just that one "service" you will get exact hits. I'm doing that with a business today with SQL since they are over from 1433-1436, we have defined custom services and a specific policy for that.
Now in the FAZ chartbuilder or FGT (webGUI/CLI) we can extract logs for traffic that matches just that one "service". It does create more fwpolicies, but with logging and reports it's easier to see what's happening vs. a service-group approach.
PCNSE
NSE
StrongSwan
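
Added example (not part of either post, and not Fortinet code): where a policy still uses a service group, per-port hits can be tallied from exported traffic logs, which also shows which ports in the group saw no traffic and are candidates for removal. It assumes logs exported as text in key=value form with `type`, `policyid`, `proto` and `dstport` fields; the sample lines, policy ID 12 and the group contents are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in key=value traffic-log style (not real logs).
SAMPLE_LOGS = [
    'date=2024-01-10 time=09:00:01 type="traffic" subtype="forward" srcip=10.0.0.5 dstip=10.1.1.20 dstport=1433 proto=6 policyid=12 action="close"',
    'date=2024-01-10 time=09:00:07 type="traffic" subtype="forward" srcip=10.0.0.9 dstip=10.1.1.20 dstport=1433 proto=6 policyid=12 action="close"',
    'date=2024-01-10 time=09:01:12 type="traffic" subtype="forward" srcip=10.0.0.5 dstip=10.1.1.21 dstport=1434 proto=6 policyid=12 action="close"',
    'date=2024-01-10 time=09:01:30 type="traffic" subtype="forward" srcip=10.0.0.5 dstip=10.1.1.21 dstport=1434 proto=17 policyid=12 action="accept"',
    'date=2024-01-10 time=09:02:00 type="traffic" subtype="forward" srcip=10.0.0.7 dstip=10.2.2.2 dstport=443 proto=6 policyid=7 action="close"',
]

# Hypothetical contents of the service group attached to policy 12.
SERVICE_GROUP = {("tcp", 1433), ("tcp", 1434), ("tcp", 1435), ("tcp", 1436), ("udp", 1434)}

KV = re.compile(r'(\w+)=("[^"]*"|\S+)')
PROTO = {"6": "tcp", "17": "udp"}  # IP protocol numbers


def parse_line(line):
    """Split one key=value log line into a dict, dropping quotes around values."""
    return {k: v.strip('"') for k, v in KV.findall(line)}


def hits_per_port(lines, policy_id):
    """Count log entries per (protocol, destination port) for one policy ID."""
    counts = Counter()
    for line in lines:
        f = parse_line(line)
        if f.get("type") != "traffic" or f.get("policyid") != str(policy_id):
            continue
        if not f.get("dstport", "").isdigit():
            continue  # skip malformed lines or entries without a port
        proto = PROTO.get(f.get("proto"), f.get("proto", "?"))
        counts[(proto, int(f["dstport"]))] += 1
    return counts


def unused_ports(counts, group):
    """Ports allowed by the group that never appear in the logs for the policy."""
    return sorted(p for p in group if counts[p] == 0)


if __name__ == "__main__":
    per_port = hits_per_port(SAMPLE_LOGS, 12)
    for (proto, port), n in sorted(per_port.items()):
        print(f"policy 12 {proto}/{port}: {n} hits")
    print("no hits:", unused_ports(per_port, SERVICE_GROUP))
```

The counts only cover the period and traffic that were actually logged, so a port with zero hits here is unused within that window, not necessarily unused overall.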