Table of Contents
Advertisement
System
FortiAnalyzer Version 3.0 MR7 Administration Guide
05-30007-0082-20080908
For example, a company may have a headquarters and a number of branch
offices. Each branch office has a FortiGate unit and a FortiAnalyzer-100A/100B to
collect local log information. Those branch office FortiAnalyzer units are
configured as log aggregation clients. The headquarters has a
FortiAnalyzer-2000/2000A which is configured as a log aggregator. The log
aggregator collects logs from each of the branch office log aggregation clients,
enabling headquarters to run reports that reflect all offices.
Note: For more information about log aggregation port numbers, see the Knowledge
Center article
Traffic Types and TCP/UDP Ports used by Fortinet
Figure 31: Example log aggregation topology
All FortiAnalyzer models can be configured as a log aggregation client, but log
aggregation server support varies by FortiAnalyzer model, due to storage and
resource requirements.
FortiAnalyzer Model
FortiAnalyzer-100A/100B
FortiAnalyzer-400
FortiAnalyzer-800/800B
FortiAnalyzer-2000/2000A
FortiAnalyzer-4000/4000A
Products.
Aggregation Client
Aggregation Server
Yes
No
Yes
No
Yes
Yes
Yes
Yes
Yes
Yes
Config
59
Advertisement
Table of Contents
