Detections
Analytics

8.2.1 Encrypt Log Transmission to FortiAnalyzer / FortiManager

Information

Enable encryption for logs that are sent to FortiAnalyzer or FortiManager.

Rationale:

Provides encryption for logs that are sent to FortiAnalyzer or FortiManager to prevent logs being collected and viewed as they traverse the network.

Solution

On GUI:

1. Go to Log & Report > Log Settings.
2. Configure 'Remote logging' to FortiAnalyzer/FortiManager.
3. Select 'Encrypt log transmission'

On CLI:

config log fortianalyzer setting
set enc-algorithm high
end

See Also

https://workbench.cisecurity.org/benchmarks/12961

Item Details

Category: ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|AC-17(2), 800-53|IA-5, 800-53|IA-5(1), 800-53|SC-8, 800-53|SC-8(1), CSCv7|14.4

Plugin: FortiGate

Control ID: 09810a23e812d1c9e516dbf3b85b9950cf8621c2f3a10d81e7ff334069815ca2