Cli Console - Fortinet FortiGate Series Administration Manual

System Status

CLI Console

FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903
http://docs.fortinet.com/ • Feedback
Since The date and time when the counts were last reset.
Counts are reset when the FortiGate unit reboots, or when you select Reset.
Reset Reset the Log and Archive Statistic counts to zero.
DLP A summary of the HTTP, HTTPS, email, FTP IM, and VoIP (also called session
control) traffic that has passed through the FortiGate unit, and has archived by DLP.
Archive
The Details pages list the last 64 items of the selected type and provides links to the
FortiAnalyzer unit where the archived traffic is stored. If logging to a FortiAnalyzer unit
is not configured, the Details pages provide a link to Log & Report > Log Config >
Log Settings.
You configure the FortiGate unit to collect DLP archive data for the widget by
configuring protection profiles to display content meta-information on the system
dashboard. To configure a protection profile, go to Firewall > Protection Profile. Create
or edit a protection profile and configure Data Leak Prevention Sensor > Display
content meta-information on the system dashboard and select the protocols to collect
statistics for. By default meta-data is collected and displayed on the statistics widget for
all protocols. For more information, see
page 501.
You must also add the protection profile to a firewall policy. When the firewall policy
receives sessions for the selected protocols, meta-data is added to the statistics
widget.
The Email statistics are based on email protocols. POP3 and IMAP traffic is registered
as email received, and SMTP is email sent. If your FortiGate unit supports SSL content
scanning and inspection, incoming email also includes POP3S and IMAPS and
outgoing email also includes SMTPS. If incoming or outgoing email does not use these
protocols, these statistics will not be accurate.
The IM statistics are based on the AIM, ICQ, MSN, and Yahoo! protocols and
configured by selecting Archive in DLP Sensors for IM DLP rules.
The VoIP statistics are based on the SIP, SIMPLE and SCCP session control protocols
and configured by selecting Archive in DLP Sensors for Session Control DLP rules.
Log A summary of traffic, viruses, attacks, spam email messages, and blocked URLs that
the FortiGate unit has logged. Also displays the number of sessions matched by DLP
and event log messages. The Details pages list the 20 most recent items, providing the
time, source, destination and other information.
DLP data loss detected actually displays the number of sessions that have matched
DLP sensors added to protection profiles. DLP collects meta-data about all sessions
matched by DLP sensors and records this meta-data in the DLP log. Every time a DLP
log message is recorded, the DLP data loss detected number increases. If you are
using DLP for summary or full archiving the DLP data loss detected number can get
very large. This number may not indicate that data has been lost or leaked.
The System Status page can include a CLI. To use the console, select it to automatically
log in to the admin account you are currently using in the web-based manager. You can
copy (CTRL-C) and paste (CTRL-V) text from or to the CLI Console.
Figure 38: CLI Console
The two controls located on the CLI Console widget's title bar are Customize, and Detach.
Detach moves the CLI Console widget into a pop-up window that you can resize and
reposition. The two controls on the detached CLI Console are Customize and Attach.
Attach moves the CLI console widget back onto the System Status page.
Viewing the system dashboard
"Data Leak Prevention Sensor options" on
Customize
119