beautypg.com

Configuring unregistered device, Configuring, Configuring unregistered device connection – Fortinet FortiAnalyzer 3.0 MR7 User Manual

Page 80

background image

FortiAnalyzer Version 3.0 MR7 Administration Guide

78

05-30007-0082-20080908

Configuring unregistered device connection attempt handling

Device

Configuring unregistered device connection attempt handling

You can configure the FortiAnalyzer unit to accept and handles connection
attempts automatically, or to allow connections only from devices that you have
manually added.

Allowing the connection and registering the device enables certain FortiAnalyzer
features. For example, registering known-type devices, either manually or
automatically, configures the FortiAnalyzer unit for features such as device-
specific reports and remote browsing of log messages. Manually adding unknown-
type devices allows you to browse their logs.

Device connection attempt handling and other FortiAnalyzer features vary by
device type. There are two types of devices:

• known device types (FortiGate, FortiManager, FortiClient, FortiMail)
• unknown device type (generic Syslog devices)

Connection attempt handling options for known and unknown device types are
separate.

Depending on your settings in Unregistered Device Options, and whether the
device type is known or unknown, the FortiAnalyzer unit handles connection
attempts in one of these ways:

• ignore the connection (only allow connections from manually added devices)
• allow the connection, add as an unregistered device, but do not keep the

device’s log data (add devices automatically, but do not keep data until you
manually register them)

• if the device is an unknown type, allow the connection, add as an unregistered

device, and keep a specified amount of the device’s log data

• if the device is a known type, allow the connection, add as a registered device,

and keep a specified amount of the device’s log data

If you have specified that connections from unregistered devices will not be
allowed until you manually add them, you must manually configure the connection
before the device will be allowed to connect to the FortiAnalyzer unit.

When devices attempt to connect to a FortiAnalyzer unit that has reached its
number of maximum number of allowed devices, the FortiAnalyzer unit will reject
connection attempts by excess devices, and automatically add those excess
devices to the list of blocked devices. For more information about on blocked
devices, see

“Blocking device connection attempts” on page 86

.

To view the current connection handling settings, go to Device > All > Device and
select Unregistered Device Options.

Note: Many FortiAnalyzer features are not available for unregistered devices of unknown
types. For more information about on the differences between unregistered and registered
devices, see

“Unregistered vs. registered devices” on page 77

.

Both registered and unregistered devices count towards the maximum number of devices
available for a FortiAnalyzer unit. Too many unregistered devices will prevent you from
adding a device. For more information, see

“Maximum number of devices” on page 76

.

See also other documents in the category Fortinet Hardware: