vendor:forti
Differences
This shows you the differences between two versions of the page.
vendor:forti [2023/06/13 18:02] – created veera | vendor:forti [2023/06/13 18:11] (current) – [Configuring on Fortigate] veera | ||
---|---|---|---|
Line 40: | Line 40: | ||
<note important> | <note important> | ||
+ | |||
+ | |||
+ | ===== Configuration on Trisul Network Analytics ===== | ||
+ | |||
+ | Next, on Trisul perform the following configuration steps | ||
+ | |||
+ | == Netflow configuration file https:// | ||
+ | |||
+ | source / | ||
+ | edit.cfg | ||
+ | (select option 3 to edit Netflow) | ||
+ | |||
+ | |||
+ | Then make the following changes | ||
+ | * Set '' | ||
+ | * Set '' | ||
+ | * Set '' | ||
+ | |||
+ | |||
+ | |||
+ | == Creating metering policies == | ||
+ | |||
+ | After Trisul has been running for a while, it is time to configure some extra metering policies. Do the following | ||
+ | |||
+ | * Create a Crosskey counter group called " | ||
+ | * Create a Crosskey counter group called " | ||
+ | * From the Netflow Wizard enable all Trackers | ||
+ | * From the Netflow Wizard enable all Utilization alerts | ||
+ | |||
+ | Then restart the trisul probe. | ||
+ | |||
+ | This will be a good starting configuration for a Fortigate environment. | ||
+ | |||
+ | |||
+ | === References === | ||
+ | |||
+ | |||
+ | 1. Fortigate Netflow https:// | ||
+ | |||
+ | 2. Trisul Network Analytics - Netflow configuration file https:// | ||
+ | |||
+ | |||
+ | |||
vendor/forti.1686659538.txt.gz · Last modified: 2023/06/13 18:02 by veera