background image

Management 

Device

FortiGuard Analysis and Management Service Version 1.2.0 Administration Guide
13-12000-406-20081031

41

Comparing configuration revisions

As you accrue configuration revisions, you may want to determine what changed 
between two revisions. This can be useful for troubleshooting a configuration 
change, or for creating scripts.

Both the FortiGate web-based manager and the portal web site provides a “diff” 
tool, which enables you to view changes either within the context of each whole 
file or as isolated change lines.

To compare configuration revisions from within the portal web site

1

Go to 

Management > Device > Revision History

.

2

Select the Host Name of the device that you want to compare revisions.

3

In the Action column, in the row corresponding to either one of the revisions that 
you want to compare, select Compare.

4

From “Compared With”, select the revision number selection method, then select 
or type the Revision Number.

5

To show only configuration lines which differ, select Show Different Parts Only.

If you select Show Different Parts Only, configuration lines which differ will be 
highlighted with color.

6

Select OK.

A new window appears, containing each configuration revision in a separate 
column, with changes highlighted.
• Green highlight: added line
• Yellow highlight: changed line
• Red highlight: deleted line

You can scroll down through the changes, or select a double arrow (<< or >>) 
located at the top to jump to the exact position of the next or previous change.

Original Revision

Enter the number of the original revision configuration. This will be 

the first revision; the second revision, the one that will be 

compared to the original, is selected in Revision Number. 

Compared With

Select either Select Revision or Specify Revision to have a 

specific comparison of the two revision configurations or just the 

selected revision. 

Select Revision

 – Compares with another Revision Number that 

you choose by selecting from the descriptive list that includes 

revision numbers, times, administrators, and associated revision 

comments for each revision.

Specify Revision

 – Compares with another Revision Number that 

you choose by typing it.

Revision Number

The revision configuration that you are going to compare the 

original revision configuration with. 
If you select Select Revision, a list of the revision configurations 

appears with the revision number, date and time, user associated 

with that revision, and a comment.Select one of these revisions.
If you select Specify Revision, enter a number for the revision 

configuration you want to compare with the original revision 

configuration. 

Содержание FortiGuard Analysis and Management Service 1.2.0

Страница 1: ...www fortinet com FortiGuard Analysis and Management Service Version 1 2 0 A D M I N I S T R A T I O N G U I D E...

Страница 2: ...en permission of Fortinet Inc Trademarks Dynamic Threat Prevention System DTPS APSecure FortiASIC FortiBIOS FortiBridge FortiClient FortiGate FortiGate Unified Threat Management System FortiGuard Fort...

Страница 3: ...the portal web site 11 Obtaining a trial contract 14 Configuring a device to use the service 16 Verifying the connectivity between the service and the device 17 Configuring remote logging and central...

Страница 4: ...rom the portal web site 45 Changing firmware from the device 46 Scripts 47 Creating scripts 47 Viewing available configuration scripts 48 Topology Tool 49 Creating a network diagram 52 Viewing a netwo...

Страница 5: ...Contents FortiGuard Analysis and Management Service Version 1 2 0 Administration Guide 13 12000 406 20081031 5 Index 75...

Страница 6: ...FortiGuard Analysis and Management Service Version 1 2 0 Administration Guide 6 13 12000 406 20081031 Contents...

Страница 7: ...tiGate unit as device and the FortiGuard Analysis and Management Service portal web site as the portal web site This section introduces you to FortiGuard Analysis and Management Service and the follow...

Страница 8: ...owledge center contains troubleshooting and how to articles FAQs technical notes a glossary and more Visit the Fortinet Knowledge Center Comments on Fortinet technical documentation Please send inform...

Страница 9: ...406 20081002 9 Customer service and technical support Fortinet Technical Support provides services designed to make sure that your Fortinet systems install quickly configure easily and operate reliabl...

Страница 10: ...FortiGuard Analysis and Management Service Version 1 2 0 Administration Guide 10 13 12000 406 20081002 Customer service and technical support Introduction...

Страница 11: ...portal web site if you have not already purchased a contract from your sales representative After setting up the service you can configure additional devices to connect to the service You do not need...

Страница 12: ...ou have multiple Service Account IDs for one contract Certain contracts allow for multiple Service Account IDs which provides more flexibility Contracts can allow both multiple devices and multiple se...

Страница 13: ...ovides information about the devices such as connection status to the service tasks and revision history You can also schedule upgrades for devices and run scripts Script The Script tab allows you to...

Страница 14: ...to authorize and configure devices to use the service Follow the procedures in Configuring a device to use the service on page 16 Figure 3 Registering for a trial contact Section Each tab contains se...

Страница 15: ...surements such as log time stamps and schedules for changing firmware that may appear for your managed devices in the portal web site are relative to this time zone Your Login You will use the informa...

Страница 16: ...a device to use the service You need to configure devices to use the service after signing up for a trial contract or after purchasing a contract You need your Service Account ID to enable the service...

Страница 17: ...evice The device connects to the Fortinet Distribution Network FDN to validate connectivity with that Service Account ID After successful validation the options for configuring and using the service b...

Страница 18: ...device reaches its quota either Overwrite oldest logs or Do not log 5 From Minimum log level select one of the following log severity levels Messages with an equal or lesser severity will be sent to t...

Страница 19: ...n on logout timeout Automatically upload a new configuration revision to the service when an administrator logs out or the session times out Most configuration changes cause an automatic backup Except...

Страница 20: ...om the menu on the left 3 Select the Service Account ID to which you want to apply the contract number Figure 7 Locating the Service Account ID Near the bottom of the page a serial number list appears...

Страница 21: ...y adding a purchased contract You can also expand the disk space available to your service account by purchasing a contract for a larger amount of space If you have previously obtained a trial contrac...

Страница 22: ...nt ID Near the bottom of the page a Product Contract Maintenance area appears 4 Enter the Contract Number and a Description in the appropriate fields Figure 10 Adding a purchased contract 5 Select Add...

Страница 23: ...e the new service or adjust settings such as quota and configure devices to allow remote logging or central management Continue setup with Management on page 35 Required port numbers The service is pr...

Страница 24: ...FortiGuard Analysis and Management Service Version 1 2 0 Administration Guide 24 13 12000 406 20081031 Required port numbers Setup...

Страница 25: ...nfiguring widgets Customizing the Dashboard page The Dashboard main menu The Dashboard main menu provides users the flexibility they need to monitor the network and devices Within this menu users can...

Страница 26: ...Network Monitor and Trap Console The other widgets which include Report Browser are all report widgets and receive all of their information from logs Most widgets contain the following arrows and icon...

Страница 27: ...ge Widgets provide information that is quickly accessed and viewed by users You can also edit these widgets after configuring them The following information explains how to configure each individual w...

Страница 28: ...Polling Interval Select how often the server will poll the device to receive information in intervals of 60 seconds 2 minutes or 5 minutes Monitor s Select the monitors to include in this widget with...

Страница 29: ...tain Variable The type of variable or monitor that is available in the list Additional Selection Depending on the monitor selected you can also select the type of interface for example external Color...

Страница 30: ...d level information for that report The seven available report widgets are Traffic Report provides information about network traffic based on traffic logs Name Enter the name of the trap console for e...

Страница 31: ...ns in the table below Select OK to save the changed settings Figure 15 Report configuration screen Traffic Report displayed Title Enter the name of the report For example Headquarters_Traffic indicate...

Страница 32: ...time Select OK after configuring both the date and time Top Enter the top number of entries to be displayed For example select 10 from the list so that only the top 10 events display Color Bar chart o...

Страница 33: ...ure describes how to customize the Dashboard page rename it and delete it The Dashboard page always appears after you log in to the portal web site if you have not made another page the default page T...

Страница 34: ...FortiGuard Analysis and Management Service Version 1 2 0 Administration Guide 34 13 12000 406 20081031 Customizing the Dashboard page Dashboard...

Страница 35: ...te scripts from configuration revisions and restore configuration revisions to devices This topic includes the following Viewing device information Adding and editing devices Authorizing the service o...

Страница 36: ...ach device s information SN The serial number of the device Firmware The firmware image currently running on the device The firmware image is displayed in the format V version_number b build_number ma...

Страница 37: ...ging firmware from the device on page 45 and Changing firmware from the portal web site on page 44 Run Script Run a script file For more information about scripts see Creating scripts on page 46 and R...

Страница 38: ...go to the device s web based manager to reconnect to the service For more information about connecting to the service see Configuring remote logging and central management on page 17 De authorizing t...

Страница 39: ...iGuard and then select Backup If you want to automatically send configuration revisions on administrator logout or timeout enable the feature from System Admin Central Management in the FortiGate web...

Страница 40: ...specific configuration files Search Enter search terms then select Search to display specific configuration files Reset Select Reset to clear time range and search constraints on the configuration fil...

Страница 41: ...sion in a separate column with changes highlighted Green highlight added line Yellow highlight changed line Red highlight deleted line You can scroll down through the changes or select a double arrow...

Страница 42: ...ger go to System Maintenance Backup Restore 2 In Restore configuration from select FortiGuard to restore a configuration from the portal web site 3 Select Browse to locate the configuration revision o...

Страница 43: ...able firmware images When you select the Show Applicable Firmware link in Tasks all available firmware images on the FDN appear This list includes FortiOS 2 80 firmware and patch releases Figure 22 Fi...

Страница 44: ...when the device next polls the service 4 From Firmware select which firmware version to install from the list 5 Select Submit The firmware change scheduled for the device appears in the Device Firmwar...

Страница 45: ...rmware after the image is successfully downloaded another message appears This operation will downgrade the current firmware version Are you sure you want to continue 7 Select OK Scripts Scripts allow...

Страница 46: ...ma or space delimited list remember to re type the entire list not just new list items 5 Save the configuration file 6 Go to Script 7 Select Upload 8 In the Upload Script dialog box enter a name for t...

Страница 47: ...By default the first page of the list of items is displayed The total number of pages appears after the current page number For example if 3 54 appears you are currently viewing page 3 of 54 pages To...

Страница 48: ...all the things you need to create a network diagram such as Fortinet device icons connector lines and text boxes There are also two modes to select from View mode displays the network diagram and Edi...

Страница 49: ...nd customize the view These additional menus differ between View mode and Edit mode but you can access them the same way For example to open a saved network diagram go to File Open View Mode menus Fil...

Страница 50: ...es you want in your diagram such as Fortinet product icons or computers and connector lines as well as many other options To create a network diagram 1 Go to Management Topology Tool 2 Select Edit Mod...

Страница 51: ...cate the file and select Open Settings The Settings tab allows you to configure service account information and to define alert profiles contract numbers and users associated with the service This top...

Страница 52: ...Date The date the service contract expires Quota The maximum amount of disk space that you can allocate to devices using the service Daily Volume The maximum amount of disk space that a device is usi...

Страница 53: ...ser cannot delete his or her own profile Add User Add a portal user login For more information see Adding editing and removing administrators on page 52 User Name The name of the user that has access...

Страница 54: ...r profile 1 Go to Management Settings 2 In User Information select My Profile 3 Enter the new information for the following User Name Enter or change the name of the user Password Enter or change the...

Страница 55: ...ert profiles provide notification of when a specified threshold has been reached by sending an email message to the specified email address You can add multiple alert profiles from the Alert Profile s...

Страница 56: ...cify the number of alerts that must occur before an email notification is sent to the specified email address Select a number from the second list to specify when alert notification email will be sent...

Страница 57: ...ed to identify attack patterns when customizing policies to prevent attacks monitor Internet surfing patterns for compliance with your company policy identify your web site visitors for potential cust...

Страница 58: ...vailable from the Fortinet Knowledge Center web site You can search both recent and historical log messages when viewing them in either Recent or Specified by using Type Level or Column Settings Viewi...

Страница 59: ...the log column views on page 61 Period Recent Specified By default Recent appears Recent displays all current log messages that are occurring in real time on the selected device Specified displays all...

Страница 60: ...the information you want to view You can add remove and change the position of each column from the Column Display Settings window This window appears after you select the Column Settings icon Each Co...

Страница 61: ...olumns Select Default to return all columns to their default displayed hidden status 3 Select Submit You can revert to the default column settings by selecting Default To change the order of the colum...

Страница 62: ...1 1 1 1 or 2 2 2 1 2 2 2 10 To filter logs 1 Go to Analysis Log Viewer 2 Select a log type to view log messages from 3 Go to a column in the log type 4 Select the filter icon in that column s heading...

Страница 63: ...fields From and To appear with calendars Select the calendar to specify the dates to view historical log messages on those dates Log Files The name of the log file you are currently viewing This name...

Страница 64: ...log files from the FortiGate web based manager does not permanently remove them from the FortiGuard Analysis server Log files that are deleted from the FortiGate web based manager will not be include...

Страница 65: ...u need them You can save reports to your computer if you want to view them outside of the portal web site Figure 32 Reports Viewing generated reports After a report is automatically configured and gen...

Страница 66: ...reports Deleting reports provides more space on the FortiGuard Analysis server for current reports Fortinet recommends that you save the report before deleting it to ensure you have the report should...

Страница 67: ...e e Discovery administrator role can also view these tasks or create new ones The following topics are included in this section Viewing e Discovery tasks Creating tasks for e Discovery Viewing e Disco...

Страница 68: ...ults of the search For example if you are searching for a group of specific email messages the Result column would indicate how many email messages contain the specific search criteria Action Select C...

Страница 69: ...detailed information about the search criteria including the attachment name Search Devices The devices that will be searched for the email message There can be multiple devices Date Range The time pe...

Страница 70: ...sk Description Enter a description for this task Search Archives From Select a device or multiple devices The archived email you specify in this task will be searched on only the selected devices All...

Страница 71: ...rchived email messages that you want to search From Select the calendar icon and then select the start date To Select the calendar icon and then select the end date Email Search Criteria Enter the app...

Страница 72: ...FortiGuard Analysis and Management Service Version 1 2 0 Administration Guide 74 13 12000 406 20081031 e Discovery Analysis...

Страница 73: ...searching 41 configuring alert profile 57 configuring remote logging 18 contracts renewing the service 20 creating scripts from configuration file 47 scripts from script menu 48 tasks in e Discovery 7...

Страница 74: ...figuration revisions 41 service verifying connectivity 17 service account id changing 57 service account information 53 settings alert profile 57 service account information 57 T time daylight savings...

Страница 75: ...www fortinet com...

Страница 76: ...www fortinet com...

Отзывы: