Associated Certifications:

·         Fortinet Certified Network Security Professional (FCNSP)

Products Used in This Course:

·         FortiAnalyzer, FortiGate and FortiClient

Duration:

·         1 day Classroom

Prerequisites:

·         Completion of the 301 - Secure Network Deployment and Virtual Private Networks course.

·         Solid knowledge of the Web Config administrative interface and the Command Line Interface.

·         Experience with Fortinet network appliances.

Course Content

The FortiAnalyzer Administration course provides one day of instructor-led training (in a public or private on-site class setting) where participants will gain an understanding of the tasks involved in the administration of a FortiAnalyzer appliance.

Hands-on labs allow students to perform some of the basic tasks associated with the configuration and troubleshooting of the FortiAnalyzer device, as well as the creation of reports based on logging information collected on the device.

Course Outline

Lesson 1 – FortiAnalyzer Overview

·         FortiAnalyzer Features

·         FortiAnalyzer Appliance Family

·         Administration Interfaces

Lesson 2 – Device Registration

·         Device List

·         Adding a Device

·         Blocking Devices

·         Securing Communications

Lesson 3 – Logs and Alerts

·         Logging Requirements

·         Processing Logs

·         Viewing Logs

·         Searching Logs

·         Browsing Logs

·         Alerts

Lesson 4 – Reports

·         Designing Reports

·         Generating Reports

·         Browsing Reports

Lesson 5 – Archived and File Quarantine

·         Content Archives

·         File Quarantine

Lesson 6 – System Settings

·         FortiAnalyzer Dashboard

·         FortiAnalyzer Log Settings

·         Rolling Logs

·         Aggregating Logs

·         Forwarding Logs

·         Backing Up Logs

·         Restoring Logs

·         FortiAnalyzer Administrators

·         Disk Management

Lesson 7 – Tools

·         Vulnerability Assessments

·         Network Analyzer

·         File Explorer

·         Network Sharing

Lesson 8 – Diagnostics

·         Normal Operation

·         Diagnostic Commands

·         Disk Health and Usage

·         Index Failures

·         Crashlogs

·         Packet Sniffer

·         Debugging Applications

·         o Other Diagnostic Commands

Course Objectives

Upon completion of this course, students will be able to:

·         Describe the features of the FortiAnalyzer device.

·         Register known and unknown devices with the FortiAnalyzer device.

·         Secure the communication between the FortiAnalyzer and FortiGate devices in the infrastructure.

·         View real-time and historical logging information from devices in the infrastructure.

·         Create alerts to advise administrators of events occurring on registered devices.

·         Design report layouts, data filter templates, data output templates and report schedules.

·         Enable archiving and file quarantining.

·         Configure the FortiAnalyzer device logging settings.

·         Understand and configure different log backup mechanisms.

·         Define administrative privileges.

·         Perform a vulnerability assessment on host computers in the infrastructure.

·         Configure the FortiAnalyzer appliance to analyze network traffic.

·         Configure network sharing to allow report sharing between different users.

·         o Perform diagnostic commands to diagnose and debug system problems.

Who should Attend

·         This course is intended for administrators responsible for managing FortiAnalyzer devices and is geared to professionals with a solid knowledge of the concepts involved in the operation of a FortiGate device.