Classifying FortiGate network interfaces – Fortinet FortiAnalyzer 3.0 MR7 User Manual

Page 85


Device

Manually adding a device

FortiAnalyzer Version 3.0 MR7 Administration Guide
05-30007-0082-20080908

83

13. Select the blue arrow to expand Group Membership.

This option does not appear if Device Type is FortiClient. In that case, also skip
the following step.

14. From the Available Groups area, select a device group or groups, if any, to which
you want to assign the device, then select the right arrow button to move the
group name into the Membership area.

Devices can belong to multiple groups. You can also add the device to a group
later, or change the assigned group. For more information, see “Configuring
device groups” on page 88.

15. Select the blue arrow to expand FortiGate Interface Specification.

This option appears only if Device Type is FortiGate. If this option does not
appear, proceed to the following step.

16. Define the functional class of each network interface or VLAN sub-interface.

For more information about how to define the functional class of each network
interface or VLAN sub-interface, see “Classifying FortiGate network interfaces” on
page 84.

17. Select OK.

The device appears in the device list. After registration, some device types can be
configured for Secure Connection. For more information, see “Secure
Connection” on page 74.

Classifying FortiGate network interfaces

The FortiGate Interface Specification area enables you to functionally classify
network interfaces and VLAN subinterfaces according to their connections in your
network topology. Functionally classifying the device’s network interfaces and
VLAN subinterfaces as None, LAN, WAN or DMZ indirectly defines the
directionality of traffic flowing between those network interfaces. For example,
FortiAnalyzer units consider log messages of traffic flowing from a WAN class
interface to a LAN or DMZ class interface to represent incoming traffic.

Some report types for FortiGate devices include traffic direction — inbound or
outbound traffic flow. When the FortiAnalyzer unit generates reports involving
traffic direction, the FortiAnalyzer unit compares values located in the source and
destination interface fields of the log messages with your defined network
interface classifications to determine the traffic directionality.

The table below illustrates the traffic directionality derived from each possible
combination of source and destination interface class.

Table 8: Traffic directionality by class of the source and destination interface

Source interface class   Destination interface class   Traffic direction
None                     All types                     Unclassified
All types                None                          Unclassified
WAN                      LAN, DMZ                      Incoming
WAN                      WAN                           External
LAN, DMZ                 LAN, DMZ                      Internal
LAN, DMZ                 WAN                           Outgoing
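
The following sketch is an added example, not FortiAnalyzer code: it applies Table 8 to traffic log lines to show how the interface classes decide the reported direction, and how one interface left as None makes its traffic Unclassified. The interface names, the src_int/dst_int field names, the sample log lines, and the choice to treat an unlisted interface as None are all assumptions made for illustration.

```python
import re
from collections import Counter

# Assumed classification, as it would be set in the FortiGate Interface
# Specification area. Interface names are hypothetical.
INTERFACE_CLASS = {"wan1": "WAN", "wan2": "WAN", "internal": "LAN",
                   "dmz": "DMZ", "vlan30": "None"}

# Constructed sample log lines; src_int/dst_int field names are assumed.
SAMPLE_LOGS = [
    "type=traffic src=203.0.113.9 dst=10.0.0.5 src_int=wan1 dst_int=internal",
    "type=traffic src=10.0.0.5 dst=198.51.100.7 src_int=internal dst_int=wan1",
    "type=traffic src=10.0.0.5 dst=10.0.1.8 src_int=internal dst_int=dmz",
    "type=traffic src=203.0.113.9 dst=198.51.100.7 src_int=wan1 dst_int=wan2",
    "type=traffic src=10.0.30.2 dst=198.51.100.7 src_int=vlan30 dst_int=wan1",
]

FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')
VALID_CLASSES = {"None", "LAN", "WAN", "DMZ"}

def parse_fields(line):
    """Split a key=value log line into a dict, dropping surrounding quotes."""
    return {key: value.strip('"') for key, value in FIELD_RE.findall(line)}

def direction(src_class, dst_class):
    """Return the Table 8 traffic direction for a pair of interface classes."""
    if src_class not in VALID_CLASSES or dst_class not in VALID_CLASSES:
        raise ValueError(f"unknown interface class: {src_class!r}, {dst_class!r}")
    if "None" in (src_class, dst_class):
        return "Unclassified"
    if src_class == "WAN":
        return "External" if dst_class == "WAN" else "Incoming"
    return "Outgoing" if dst_class == "WAN" else "Internal"

def classify_line(line, classes=INTERFACE_CLASS):
    """Derive the direction of one log line from its interface fields."""
    fields = parse_fields(line)
    # Assumption: an interface missing from the mapping counts as None.
    src = classes.get(fields.get("src_int"), "None")
    dst = classes.get(fields.get("dst_int"), "None")
    return direction(src, dst)

def summarize(lines, classes=INTERFACE_CLASS):
    """Count log lines per derived traffic direction."""
    return Counter(classify_line(line, classes) for line in lines)

if __name__ == "__main__":
    for name, count in sorted(summarize(SAMPLE_LOGS).items()):
        print(f"{name}: {count}")
```

Reclassifying vlan30 from None to LAN moves its log line from Unclassified to Outgoing, which is why a direction-based report can undercount traffic until every interface has a class.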
