Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Fortinet Firewall Dashboard

by Josef Weiss
November 12, 2015

A common implementation of firewalls is to protect network devices by analyzing data moving in and out of the organization, restricting unauthorized access and malicious traffic. The firewall barrier is a critical control in effectively monitoring traffic both in and out of an organization.

A task common to many security programs is to monitor and analyze logs and events from security devices such as firewalls. Reviewing the organization’s firewall solution ensures the implementation is running smoothly. Monitoring firewall logs is a critical task in security operations, and facilities the identification of security concerns and related issues. The Fortinet dashboard allows security administrators to view a summary status of firewall information, and includes indicators for events, connection activity, and performance alerts in a single location within SecurityCenter. The continuous monitoring of firewalls allows the analyst to quickly identify important event data, without having to log into multiple devices. Problems can be rapidly identified, and a workflow can be easily created to escalate potential concerns.

Using the correlation features of LCE, the Fortinet dashboard highlights the native ability of SecurityCenter to monitor the status of other security products. By collecting this information, a security analyst can review the configuration and traffic status of the firewall without requiring firewall management privileges.

The dashboard and its components are available in the SecurityCenter Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The dashboard can be easily located in the SecurityCenter Feed under the category Monitoring.

The dashboard requirements are:

  • SecurityCenter 4.8.2
  • LCE 4.4.1
  • Nessus 6.4.2
  • PVS 4.4.0

SecurityCenter Continuous View (CV) provides continuous network monitoring, vulnerability identification, risk reduction, and compliance monitoring. SecurityCenter CV is continuously updated with information about advanced threats, zero-day vulnerabilities, and new types of regulatory compliance configuration audits. LCE correlates real-time events, such as DNS queries, and then performs analysis to discover vulnerabilities and Indicators of Compromise (IOC). LCE also has the capability to discover users, operating systems, network devices, hypervisors, databases, tablets, phones, web servers, and other critical infrastructure. SecurityCenter CV allows for the most comprehensive and integrated view of network health.

The collection contains to following components:

  • Fortinet - Allowed Connection Activity - This component trends the number of allowed connections over the last seven days as reported by a FortiGate device.
  • Fortinet - Blocked Connection Activity - This component trends the number of blocked connections over the last seven days as reported by a FortiGate device.
  • Fortinet - TCP Connection Timeout - This component trends the number of TCP session timeouts over the last seven days as reported by a FortiGate device.
  • Fortinet - Data Events - This component displays total counts of accepted and blocked TCP, UDP and ICMP connections over the last 24 hours as reported by a FortiGate device.
  • Fortinet - Critical Events - This component indicates on several critical events. These events are SSL certificates that have been signed with a compromised key, log rolls, and overwrites.
  • Fortinet - VPN Events - This matrix component indicates on Fortinet VPN events, providing alerts to when tunnels fail, go down, or become disabled. There are also active indicators that provide notification if Fortinet VPN Clients are found to be installed on endpoint devices.
  • Fortinet - Performance Statistics - This component displays 'Performance Statistic' log data that is forwarded from a FortiGate device. The log data contains information in regard to memory, CPU utilization, and total sessions. Performance stat forwarding must be enabled on the FortiGate device for it to forward these types of events to a logging source.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training