Intro and Initial Configuration Flashcards
FAZ uses what kind of database?
PostgreSQL
Since the collector does not perform any analytics tasks, it should have most of the disk space allocated for:
Archive Logs
Security Fabric Logging
Store and analyze logs from devices in a security fabric group as if the logs are from a single device.
Factory Default settings
admin and blank password
port1 192.168.1.99/24 https, ssh
FAZ supports these VLAN protocols:
IEEE 802.1Q and 802.1AD
Resetting the Configuration
To reset to factory default settings from flash:
# execute reset all-settings
To reset all settings from flash except current IP addresses and routes:
# execute reset all-except-ip
To erase all device settings and images, databases, and log data from disk, but preserve IP and routing info:
# execute format disk
You should always format the disk after resetting the config. A low-level disk format option, deep-erase, is available. FAZ will overwrite the hard disk with random data to ensure data cannot be recovered. This can take a long time.
You should connect to the console port before running these commands.
Basic CLI command tips
The get commands allow you to view information in a readable format.
The show commands allow you to view the exact CLI configuration for that section, including the proper indentation.
The execute commands allow you to perform a function in FAZ.
Viewing Server Information
Use ‘diagnose system’ commands.
How are logs handled with multiple FGT devices in a Security Fabric?
The Security Fabric logs each session once:
The first FortiGate that handles a session
No duplicate traffic logs for sessions coming from another fabric member’s MAC address with the following exceptions:
If an upstream FortiGate performs NAT
Upstream FortiGate devices still log UTM events
UTM and traffic logs are correlated so session details, UTM events, reporting and automation in the Security Fabric work correctly.