500F Collector Configuration Guide
FortiSIEM 6.3.1

Summary of Contents for Fortinet FSM-500F

  • Page 1 500F Collector Configuration Guide FortiSIEM 6.3.1...
  • Page 2 FORTINET DOCUMENT LIBRARY https://docs.fortinet.com FORTINET VIDEO GUIDE https://video.fortinet.com FORTINET BLOG https://blog.fortinet.com CUSTOMER SERVICE & SUPPORT https://support.fortinet.com FORTINET TRAINING & CERTIFICATION PROGRAM https://www.fortinet.com/training-certification NSE INSTITUTE https://training.fortinet.com FORTIGUARD CENTER https://www.fortiguard.com END USER LICENSE AGREEMENT https://www.fortinet.com/doc/legal/EULA.pdf FEEDBACK Email: techdoc@fortinet.com 11/17/2021 FortiSIEM 6.3.1 500F Collector Configuration Guide...
  • Page 3: Table Of Contents

    TABLE OF CONTENTS Appliance Setup Fresh Installation Step 1: Rack mount the FSM-500F Appliance Step 2: Power On the FSM-500F Appliance Step 3: Verify System Information Step 4: Configure FortiSIEM via GUI Step 5: Register Collectors Step 6: Using FortiSIEM Factory Reset...
  • Page 4: Appliance Setup

    Before proceeding to the next step, connecting Ethernet cable to Port1 is required for Network configuration. Step 2: Power On the FSM-500F Appliance 1. Make sure the FSM-500F device is connected to a Power outlet and an Ethernet cable is connected to Port1. 2. Power On the FSM-500F device. Step 3: Verify System Information 1.
  • Page 5: Step 4: Configure Fortisiem Via Gui

    2. At the command prompt, go to /usr/local/bin, and enter configFSM.sh. For example: # configFSM.sh A simple GUI will open. 3. In the GUI, select 1 Set Timezone, and then press Next. 4. Select your Region, then press Next. FortiSIEM 6.3.1 500F Collector Configuration Guide Fortinet Technologies Inc.
  • Page 6 5. Select your Country, and press Next. 6. Select the Country and City for your timezone, and press Next. 7. Select 1 Collector. Press Next.
  • Page 7 11. When prompted, enter the information for these network components to configure the Static IP address: IP Address, Netmask, Gateway, DNS Server(s). Configure the network by entering the following fields. Press Next. Note: Configuring a DNS Server to resolve external addresses as updates to remote repositories will be required in
  • Page 8

    IPv6 Address: The Collector's IPv6 address
    prefix (Netmask): The Collector's IPv6 prefix
    Gateway ipv6: IPv6 Network gateway address
    DNS1 IPv6, DNS2 IPv6: Addresses of the IPv6 DNS server 1 and DNS server2
  • Page 9 Note: By default, “google.com” is shown for the connectivity test, but if configuring IPv6, you must enter an accessible internally approved IPv6 DNS server, for example: “ipv6-dns.fortinet.com”. Note: When configuring both IPv4 and IPv6, only testing connectivity for the IPv6 DNS is required because IPv6 takes higher precedence.
  • Page 10

    FQDN address: fully-qualified domain name
    The IP type. The values can be either 4 (for ipv4) or 6 (for v6) or 64 (for both ipv4 and ipv6).
    --dns1, --dns2: Addresses of the DNS servers
  • Page 11: Step 5: Register Collectors

    Set user and password: use the admin User Name and password for the Supervisor. b. Set Super IP or Host as the Supervisor's IP address. c. Set Organization. For Enterprise deployments, the default name is Super. d. Set CollectorName from Step
  • Page 12 Note: Rather than using IP addresses, a DNS name is recommended. The reasoning is, should the IP addressing change, it becomes a matter of updating the DNS rather than modifying the Event Worker IP addresses in FortiSIEM. b. Click OK.
  • Page 13 The last two values could be set as Unlimited. Guaranteed EPS is the EPS that the Collector will always be able to send. It could send more if there is excess EPS available.
  • Page 14: Step 6: Using Fortisiem

    8. Go to ADMIN > Health > Collector Health to see the status of the Collector. Step 6: Using FortiSIEM Refer to the FortiSIEM User Guide for detailed information about using FortiSIEM.
  • Page 15: Factory Reset

    Follow the steps below to perform a factory reset on the FortiSIEM FSM-500F. Step 1: Uninstall FortiSIEM application 1. Connect to the FortiSIEM device using the VGA or Console port. 2. Log in as the 'root' user with password 'ProspectHills'. 3. To check the available FortiSIEM commands, run get.
  • Page 16: Step 1: Create Bootable Linux Image

    3. Create and export /FortiSIEM_HW_IMG. 4. Upload the FSM_Full_All_RAW_HARDWARE_6.3.1.0338.zip to /FortiSIEM_HW_IMG. 5. Go to the /FortiSIEM_HW_IMG directory by running the following command. cd /FortiSIEM_HW_IMG 6. Run the following command to unzip the zip file.
  • Page 17: Step 3: Prepare 500F By Removing Fsm

    7. Determine the mount point of this drive by using the following command: df -l Note: For this guide, the assumption for the 8GB mount point is: /media/ubuntu/123456789/* 8. Copy the image from the 8GB disk to the FortiSIEM boot disk.
  • Page 18 8. Once this is completed, power off the FortiSIEM appliance using the following command: # shutdown -h now 9. After shutdown, remove both USB drives from the FortiSIEM appliance. 10. Power on the FortiSIEM appliance. 11. Reinstall the FortiSIEM application (as in Factory Reset - step 2).
  • Page 19 Fortinet’s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests.
