hello friends, a question:
I was checking the security rating of the FG and I noticed the following: (image)
I have reviewed each policy identified at that point and they all have the all for sending logs in the Faz. I also checked the log setting and have event logging enabled.
What is the problem? I don't understand what this failed rating refers to. Could you help me with that clarification please? since I don't understand.
If I disable the usb option as indicated by the security rating, will it generate any impact on my network?
Is there a way to correct this point? since within the options there is not ssl vpn only dmz, lan or wan.
Hi @unknown1020
Below are the possible answers.
For the audit log settings, please make sure you have enabled "Generate Logs when Session Starts" as below
Regarding USB auto configuration, it is a feature that can be utilized to manage a device when there is no technical person available on site to connect to configure/upgrade. if the device is in managed location, you can disable this feature.
Ref: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Firmware-Upgrade-and-Configuration-Restore...
Regarding SSL VPN interface, the best option would be WAN side classification.
thanks my friend
Regarding "Generate Logs when Session Starts", you will find this option in the WebGUI only on bigger models, usually with internal storage. But still, you can enable this kind of logging if you add this option
set logtraffic-start enable
in every policy. So, it's not a general option but available in every security policy.
thanks my friend for you comment
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1846 | |
1130 | |
769 | |
447 | |
260 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.