Dell SonicWALL Firewall - Fortinet Documentation Library

Có thể bạn quan tâm

Document Library Product Pillars Network Security

Network Security

FortiGate / FortiOS
FortiGate-5000 / 6000 / 7000
FortiProxy

NOC & SOC Management

FortiManager / FortiManager Cloud
FortiAnalyzer / FortiAnalyzer Cloud
FortiMonitor
FortiGate Cloud

Enterprise Networking

Business Communications

FortiFone
FortiVoice / FortiVoice Cloud
FortiRecorder / FortiCamera

Zero Trust Access

ZTNA

Zero Trust Network Access
FortiClient EMS

SASE

FortiSASE

Identity

FortiAuthenticator
FortiTrust Identity
FortiToken Cloud
FortiToken

Cloud Security

Hybrid Cloud Security

FortiGate Public Cloud
FortiGate Private Cloud
Flex-VM

Cloud Native Protection

FortiCNP
FortiDevSec

Web Application / API Protection

FortiWeb / FortiWeb Cloud
FortiADC / FortiGSLB
FortiGuard ABP

SAAS Security

FortiMail / FortiMail Cloud
FortiCASB

Security Operations

SOC Platform

FortiAnalyzer / FortiAnalyzer Cloud
FortiSIEM / FortiSIEM Cloud
FortiSOAR
FortiPhish

Advanced Threat Protection

Endpoint Security

FortiClient / FortiClient Cloud
FortiEDR

Best Practices Solution Hubs Curated links by solution Cloud

FortiCloud
Public & Private Cloud

External Systems Configuration Guide

FortiSIEM External Systems Configuration Guide Online
Change Log
TABLE OF CONTENTS
Overview
FortiSIEM Port Usage
Supported Devices and Applications by Vendor
Applications
- Application Server
  - Apache Tomcat
  - IBM WebSphere
  - Microsoft ASP.NET
  - Oracle GlassFish Server
  - Oracle WebLogic
  - Redhat JBOSS
- Authentication Server
  - Cisco Access Control Server (ACS)
  - Cisco Duo
  - Cisco Identity Solution Engine (ISE)
  - CyberArk Password Vault
  - Fortinet FortiAuthenticator
  - Juniper Networks Steel-Belted RADIUS
  - Microsoft Internet Authentication Server (IAS)
  - Microsoft Network Policy Server (RAS VPN)
  - OneIdentity Safeguard
  - Vasco DigiPass
- Database Server
  - IBM DB2 Server
  - Microsoft SQL Server
  - MySQL Server
  - Oracle Database Server
- DHCP and DNS Server
  - Infoblox DNS/DHCP
  - ISC BIND DNS
  - Linux DHCP
  - Microsoft DHCP (2003, 2008)
  - Microsoft DNS (2003, 2008)
- Directory Server
  - Microsoft Active Directory
- Document Management Server
  - Microsoft SharePoint
- Healthcare IT
  - Epic EMR/EHR System
- Mail Server
  - Microsoft Exchange
- Management Server/Appliance
  - Cisco Application Centric Infrastructure (ACI)
  - FortiInsight
  - Fortinet FortiManager
  - HPE Integrated Lights-Out (iLO)
  - VMware NSX for vSphere
- Remote Desktop
  - Citrix Receiver (ICA)
- Source Code Control
  - GitHub
  - GitLab API
  - GitLab CLI
- Unified Communication Server
  - Avaya Call Manager
  - Cisco Call Manager
  - Cisco Contact Center
  - Cisco Presence Server
  - Cisco Tandeberg Telepresence Video Communication Server (VCS)
  - Cisco Telepresence Multipoint Control Unit (MCU)
  - Cisco Telepresence Video Communication Server
  - Cisco Unity Connection
- Web Server
  - Apache Web Server
  - Microsoft IIS for Windows 2000 and 2003
  - Microsoft IIS for Windows 2008
  - NGINX Web Server
Blade Servers
- Cisco UCS Server
- HP BladeSystem
Cloud Access Security Broker
- Fortinet FortiCASB
- Oracle Cloud Access Security Broker (CASB)
Cloud Applications
- Alicide.io KAudit
- AWS Access Key IAM Permissions and IAM Policies
- AWS CloudTrail API
- Amazon AWS EC2
- AWS EC2 CloudWatch API
- AWS Elastic Load Balancer
- AWS Kinesis
- AWS RDS
- AWS Security Hub
- AWS Simple Queue Service (SQS)
- Amazon Simple Storage Service (AWS S3)
- Box.com
- Cisco Umbrella
- Google Cloud Platform - Pub/Sub Integration
- Google Workspace (Formerly G Suite and Google Apps)
- Microsoft Azure Audit
- Microsoft Office365 Audit
- Microsoft Cloud App Security
- Microsoft Defender for Identity/Microsoft Azure ATP
- Microsoft Azure Compute
- Microsoft Azure Event Hub
- Okta
  - Adding Users from Okta
  - Configuring Okta Authentication
  - Logging In to Okta
  - Setting Up External Authentication
- Oracle Cloud Infrastructure
- Salesforce CRM Audit
- Zscaler Nanolog Streaming Service (NSS)
Console Access Devices
- Lantronix SLC Console Manager
End Point Security Software
- Bit9 Security Platform
- Carbon Black Security Platform
- Cisco AMP Cloud V0
- Cisco AMP Cloud V1
- Cisco Security Agent (CSA)
- CloudPassage Halo
- Crowdstrike
- Cybereason
- Digital Guardian CodeGreen DLP
- ESET NOD32 Anti-Virus
- FortiClient
- Fortinet FortiEDR
- Malwarebytes Breach Remediation
- MalwareBytes EndPoint Protection
- McAfee ePolicy Orchestrator (ePO)
- Microsoft Windows Defender ATP
- MobileIron Sentry and Connector
- Netwrix Auditor (via Correlog Windows Agent)
- Palo Alto Traps Endpoint Security Manager
- SentinelOne
- Sophos Central
- Sophos Endpoint Security and Control
- Symantec Endpoint Protection
- Symantec SEPM
- Tanium Connect
- Trend Micro Interscan Web Filter
- Trend Micro Intrusion Defense Firewall (IDF)
- Trend Micro OfficeScan
Firewalls
- Check Point FireWall-1
- Check Point Provider-1 Firewall
  - Configuring MDS for Check Point Provider-1 Firewalls
  - Configuring MLM for Check Point Provider-1 Firewalls
  - Configuring CMA for Check Point Provider-1 Firewalls
  - Configuring CLM for Check Point Provider-1 Firewalls
- Check Point VSX Firewall
- Cisco Adaptive Security Appliance (ASA)
- Cisco Firepower Threat Defense (FTD)
- Clavister Firewall
- Cyberoam Firewall
- Dell SonicWALL Firewall
- Fortinet FortiGate Firewall
- Hillstone Firewall
- Imperva Securesphere Web App Firewall
- Juniper Networks SSG Firewall
- McAfee Firewall Enterprise (Sidewinder)
- Palo Alto Firewall
- Sophos UTM Firewall
- Stormshield Network Security
- Tigera Calico
- UserGate UTM Firewall
- WatchGuard Firebox Firewall
Load Balancers and Application Firewalls
- Barracuda Web Application Firewall
- Brocade ServerIron ADX
- Citrix Netscaler Application Delivery Controller (ADC)
- F5 Networks Application Security Manager
- F5 Networks Local Traffic Manager
- F5 Networks Web Accelerator
- Fortinet FortiADC
- Qualys Web Application Firewall
- Zscaler Cloud Firewall
Log Aggregators
- Fortinet FortiAnalyzer
Network Compliance Management Applications
- Cisco Network Compliance Manager
- PacketFence Network Access Control (NAC) Integration
Network Detection and Response (NDR)
- Fortinet FortiNDR (Formerly FortiAI)
- Zeek Network Security Monitor (Previously known as Bro)
Network Intrusion Detection System
- Microsoft Advanced Threat Analytics (ATA) On Premise Platform
- Zeek Network Security Monitor (Previously known as Bro)
Network Intrusion Prevention Systems (IPS)
- 3COM TippingPoint UnityOne IPS
- AirTight Networks SpectraGuard
- Alert Logic IRIS API
- Armis Asset Intelligence Platform
- Cisco FireSIGHT and FirePower Threat Defense
- Cisco Intrusion Protection System
- Cisco Stealthwatch
- Claroty Continuous Threat Detection
- Corero Smartwall Threat Defense System
- Cylance Protect Endpoint Protection
- Cyphort Cortext Endpoint Protection
- Damballa Failsafe
- Darktrace CyberIntelligence Platform
- Dragos Platform
- FireEye Malware Protection System (MPS)
- FortiDDoS
- Fortinet FortiDeceptor
- Fortinet FortiNAC
- Fortinet FortiSandbox
- Fortinet FortiTester
- IBM Internet Security Series Proventia
- Juniper DDoS Secure
- Juniper Networks IDP Series
- McAfee IntruShield
- McAfee Stonesoft IPS
- Motorola AirDefense
- Nozomi
- Palo Alto Cortex XDR
- Radware DefensePro
- Snort Intrusion Prevention System
- Sourcefire 3D and Defense Center
- Trend Micro Deep Discovery
- Zeek (Bro) installed on Security Onion
Operational Technology
- APC Netbotz Environmental Monitor
- APC UPS
- Claroty Continuous Threat Detection
- Dragos Platform
- Generic UPS
- Hirschman SCADA Firewalls and Switches
- Liebert FPC
- Liebert HVAC
- Liebert UPS
- Microsoft Defender for IoT (Was CyberX OT/IoT Security)
- Nozomi Central Management Control
- Nozomi SCADAguardian
- OTORIO RAM2 (Risk Assessment, Monitoring and Management)
Routers and Switches
- Alcatel TiMOS and AOS Switch
- Arista Router and Switch
- ArubaOS-CX Switching Platform
- Brocade NetIron CER Routers
- Cisco 300 Series Routers
- Cisco IOS Router and Switch
  - How CPU and Memory Utilization is Collected for Cisco IOS
- Cisco Meraki Cloud Controller and Network Devices
- Cisco NX-OS Router and Switch
- Cisco ONS
- Cisco Viptela SDWAN Router
- Dell Force10 Router and Switch
- Dell NSeries Switch
- Dell PowerConnect Switch and Router
- Foundry Networks IronWare Router and Switch
- HP/3Com ComWare Switch
- HP ProCurve Switch
- HP Value Series (19xx) and HP 3Com (29xx) Switch
- Hirschman SCADA Firewalls and Switches
- Juniper Networks JunOS Switch
- Mikrotek Router
- Nortel ERS and Passport Switch
Security Gateways
- Barracuda Networks Spam Firewall
- Blue Coat Web Proxy
- Cisco IronPort Mail Gateway
- Cisco IronPort Web Gateway
- Fortinet FortiMail
- Fortinet FortiProxy
- Fortinet FortiWeb
- Imperva Securesphere DB Monitoring Gateway
- Imperva Securesphere Security Gateway
- McAfee Vormetric Data Security Manager
- McAfee Web Gateway
- Microsoft ISA Server
- Proofpoint
- Squid Web Proxy
- SSH Comm Security CryptoAuditor
- Websense Web Filter
Security Information and Event Management
- SAP Enterprise Threat Detection (ETD)
Security Orchestration (SOAR)
- Fortinet FortiSOAR
Servers and Workstations
- Apple MacOS Server
- HP UX Server
- IBM AIX Server
- IBM OS400 Server
- Linux Server
- Microsoft Windows Server
- QNAP Turbo NAS
- Sun Solaris Server
Storage
- Brocade SAN Switch
- Dell Compellant Storage
- Dell EqualLogic Storage
- EMC Clarion Storage
- EMC Isilon Storage
- EMC VNX Storage
- NetApp DataOnTap
- NetApp Filer Storage
- Nimble Storage
- Nutanix Storage
Threat Intelligence
- FortiInsight
- Fortinet FortiNDR (Formerly FortiAI)
- Lastline
- ThreatConnect
Virtualization
- HyperV
- HyTrust CloudControl
- KVM
- Nutanix Prism
- VMware ESX
VPN Gateways
- Cisco VPN 3000 Gateway
- Cyxtera AppGuard
- Juniper Networks SSL VPN Gateway
- Microsoft PPTP VPN Gateway
- Pulse Secure
Vulnerability Scanners
- AlertLogic
- Digital Defense Frontline Vulnerability Manager
- Green League WVSS
- McAfee Foundstone Vulnerability Scanner
- Qualys QualysGuard Scanner
- Qualys Vulnerability Scanner
- Rapid7 NeXpose Vulnerability Scanner (Vulnerability Management On-Premises)
- Rapid7 InsightVM (Platform Based Vulnerability Management)
- Tenable.io
- Tenable Nessus Vulnerability Scanner
- Tenable Security Center
- YXLink Vulnerability Scanner
WAN Accelerators
- Cisco Wide Area Application Server
- Riverbed SteelHead WAN Accelerator
Wireless LANs
- Aruba Networks Wireless LAN
- Cisco Wireless LAN
- CradlePoint
- FortiAP
- FortiWLC
- Motorola WiNG WLAN AP
- Ruckus Wireless LAN
- Ubiquiti
Using Virtual IPs to Access Devices in Clustered Environments
Syslog over TLS
SNMP V3 Traps
Flow Support
Appendix
- Access Credentials
- Ingesting JSON Formatted Events Received via HTTP(S) POST

Home FortiSIEM 6.5.0 External Systems Configuration Guide 6.5.0 7.2.1 7.2.0 7.1.7 7.1.6 7.1.5 7.1.4 7.1.3 7.1.2 7.1.1 7.1.0 7.0.3 7.0.2 7.0.1 7.0.0 6.7.9 6.7.8 6.7.7 6.7.6 6.7.5 6.7.4 6.7.3 6.7.2 6.7.1 6.7.0 6.6.5 6.6.4 6.6.3 6.6.2 6.6.1 6.6.0 6.5.3 6.5.2 6.5.1 6.5.0 6.4.4 6.4.3 6.4.2 6.4.1 6.4.0 6.3.3 6.3.2 6.3.1 6.3.0 6.2.1 6.2.0 6.1.2 6.1.1 6.1.0 5.4.0 5.3.3 5.3.2 5.3.1 5.3.0 5.0.0 Dell SonicWALL Firewall

Dell SonicWALL Firewall

What is Discovered and Monitored
Event Types
Rules
Reports
Configuration
Example Syslog
Settings for Access Credentials

What is Discovered and Monitored

Protocol	Information Discovered	Metrics collected	Used for
SNMP	Host name, Hardware model, Network interfaces, Operating system version	CPU Utilization, Memory utilization and Firewall Session Count	Availability and Performance Monitoring
Syslog	Device type	All traffic and system logs	Availability, Security and Compliance

Event Types

In ADMIN > Device Support > Event Types, search for "sonicwall" to see the event types associated with Dell SonicWALL firewalls.

Rules

There are no predefined rules for Dell SonicWALL firewalls.

Reports

There are no predefined reports for Dell SonicWALL firewalls.

Configuration

SNMP

FortiSIEM uses SNMP to discover and monitor this device. Make sure SNMP is enabled for the device as directed in its product documentation. For more information, refer to sections "Discovery Settings" and "Setting Credentials" in the User Guide.

Dell SonicWALL Firewall Administrator's Guide (PDF)

Syslog

Log in to your SonicWALL appliance.
Go to Log > Syslog. Keep the default settings.
Under Syslog Servers, click Add. The Syslog Settings wizard will open.
Enter the IP Address of your FortiSIEM Supervisor or Collector. Keep the default Port setting of 514.
Click OK.
Go to Firewall > Access Rules.
Select the rule that you want to use for logging, and then click Edit.
In the General tab, select Enable Logging, and then click OK.Repeat for each rule that you want to enable for sending syslog to FortiSIEM.

Your Dell SonicWALL firewall should now send syslog to FortiSIEM.

Example Syslog

Jan 3 13:45:36 192.168.5.1 id=firewall sn=000SERIAL time="2007-01-03 14:48:06" fw=1.1.1.1 pri=6 c=262144 m=98 msg="Connection Opened" n=23419 src=2.2.2.2:36701:WAN dst=1.1.1.1:50000:WAN proto=tcp/50000

Settings for Access Credentials

SNMP Access Credentials for All Devices

Use these Access Method Definition settings to allow FortiSIEM to access your device over SNMP. Set the Name and Community String.

Setting	Value
Name	<set name>
Device Type	Generic
Access Protocol	SNMP
Community String	<your own>

Dell SonicWALL Firewall

What is Discovered and Monitored
Event Types
Rules
Reports
Configuration
Example Syslog
Settings for Access Credentials

What is Discovered and Monitored

Protocol	Information Discovered	Metrics collected	Used for
SNMP	Host name, Hardware model, Network interfaces, Operating system version	CPU Utilization, Memory utilization and Firewall Session Count	Availability and Performance Monitoring
Syslog	Device type	All traffic and system logs	Availability, Security and Compliance

Event Types

In ADMIN > Device Support > Event Types, search for "sonicwall" to see the event types associated with Dell SonicWALL firewalls.

Rules

There are no predefined rules for Dell SonicWALL firewalls.

Reports

There are no predefined reports for Dell SonicWALL firewalls.

Configuration

SNMP

Dell SonicWALL Firewall Administrator's Guide (PDF)

Syslog

Log in to your SonicWALL appliance.
Go to Log > Syslog. Keep the default settings.
Under Syslog Servers, click Add. The Syslog Settings wizard will open.
Enter the IP Address of your FortiSIEM Supervisor or Collector. Keep the default Port setting of 514.
Click OK.
Go to Firewall > Access Rules.
Select the rule that you want to use for logging, and then click Edit.
In the General tab, select Enable Logging, and then click OK.Repeat for each rule that you want to enable for sending syslog to FortiSIEM.

Your Dell SonicWALL firewall should now send syslog to FortiSIEM.

Example Syslog

Settings for Access Credentials

SNMP Access Credentials for All Devices

Use these Access Method Definition settings to allow FortiSIEM to access your device over SNMP. Set the Name and Community String.

Setting	Value
Name	<set name>
Device Type	Generic
Access Protocol	SNMP
Community String	<your own>

Home
Product Pillars
- Network Security
  - Network Security
    - FortiGate / FortiOS
    - FortiGate 5000
    - FortiGate 6000
    - FortiGate 7000
    - FortiProxy
  - NOC & SOC Management
    - FortiManager
    - FortiManager Cloud
    - FortiAnalyzer
    - FortiAnalyzer Cloud
    - FortiMonitor
    - FortiGate Cloud
  - Enterprise Networking
    - Secure SD-WAN
    - FortiLAN Cloud
    - FortiSwitch
    - FortiAP / FortiWiFi
    - FortiAP-U Series
    - FortiNAC-F
    - FortiExtender
    - FortiExtender Cloud
    - FortiAIOps
  - Business Communications
    - FortiFone
    - FortiVoice
    - FortiVoice Cloud
    - FortiRecorder
    - FortiCamera
- Zero Trust Access
  - ZTNA
    - Zero Trust Network Access
    - FortiClient EMS
  - SASE
    - FortiSASE
  - Identity
    - FortiAuthenticator
    - FortiTrust Identity
    - FortiToken Cloud
    - FortiToken
- Cloud Security
  - Hybrid Cloud Security
    - FortiGate Public Cloud
    - FortiGate Private Cloud
    - Flex-VM
  - Cloud Native Protection
    - FortiCNP
    - FortiDevSec
  - Web Application / API Protection
    - FortiWeb
    - FortiWeb Cloud
    - FortiADC
    - FortiGSLB
    - FortiGuard ABP
  - SAAS Security
    - FortiMail
    - FortiMail Cloud
    - FortiCASB
- Security Operations
  - SOC Platform
    - FortiAnalyzer
    - FortiAnalyzer Cloud
    - FortiSIEM / FortiSIEM Cloud
    - FortiSOAR
    - FortiPhish
  - Advanced Threat Protection
    - FortiSandbox
    - FortiSandbox Cloud
    - FortiNDR
    - FortiNDR Cloud
    - FortiDeceptor
    - FortiInsight
    - FortiInsight Cloud
    - FortiIsolator
  - Endpoint Security
    - FortiClient
    - FortiClient Cloud
    - FortiEDR
Best Practices
- Solution Hubs
  - Cloud
    - FortiCloud
    - Public & Private Cloud
  - Popular Solutions
    - Secure SD-WAN
    - Zero Trust Network Access
    - Secure Access
    - Next Generation Firewall
    - Security Fabric
    - Tele-Working
    - Multi-Factor Authentication
    - FortiASIC
    - Operational Technology
    - MSSP
- 4-D Resources
  - Secure SD-WAN
  - Zero Trust Network Access
  - Wireless
  - Switching
  - Secure Access Service Edge
  - Identity and Access Management
  - Next Generation Firewall
Hardware Guides
- FortiAnalyzer
- FortiAnalyzer Big-Data
- FortiADC
- FortiAP / FortiWiFi
- FortiAP U-Series
- FortiAuthenticator
- FortiCache
- FortiCarrier
- FortiController
- FortiDDoS
- FortiDDoS-F
- FortiDeceptor
- FortiExtender
- FortiGate
- FortiGate-5000
- FortiGate-6000
- FortiGate-7000
- FortiHypervisor
- FortiIsolator
- FortiMail
- FortiManager
- FortiNAC
- FortiNDR
- FortiProxy
- FortiRecorder
- FortiRPS
- FortiSandbox
- FortiSIEM
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiWLC
- FortiWLM
Product A-Z
- AscenLink
- AV Engine
- AWS Firewall Rules
- FortiADC
- FortiADC E Series
- FortiADC Manager
- FortiADC Private Cloud
- FortiADC Public Cloud
- FortiAIOps
- FortiAnalyzer
- FortiAnalyzer BigData
- FortiAnalyzer BigData Private Cloud
- FortiAnalyzer Cloud
- FortiAnalyzer Private Cloud
- FortiAnalyzer Public Cloud
- FortiAP / FortiWiFi
- FortiAP-U Series
- FortiAuthenticator
- FortiAuthenticator Private Cloud
- FortiAuthenticator Public Cloud
- FortiAuthProxy
- FortiBalancer
- FortiBridge
- FortiCache
- FortiCamera
- FortiCamera Cloud
- FortiCare Elite
- FortiCarrier
- FortiCASB
- FortiCentral
- FortiClient
- FortiClient Cloud
- FortiCloud Services
- FortiCNP
- FortiConnect
- FortiController
- FortiConverter Service
- FortiConverter Tool
- FortiCore
- FortiCSPM
- FortiCWP
- FortiDAST
- FortiDB
- FortiDDoS
- FortiDDoS-F
- FortiDeceptor
- FortiDeceptor DaaS
- FortiDeceptor Private Cloud
- FortiDeceptor Public Cloud
- FortiDevSec
- FortiDNS
- FortiEDR/XDR
- FortiExplorer
- FortiExplorer Go
- FortiExtender
- FortiExtender Cloud
- FortiFlex
- FortiFone
- FortiGate / FortiOS
- FortiGate Cloud
- FortiGate CNF
- FortiGate Private Cloud
- FortiGate Public Cloud
- FortiGate-5000
- FortiGate-6000
- FortiGate-7000
- FortiGSLB
- FortiGuard Advanced Bot Protection
- FortiGuest
- FortiHypervisor
- FortiInsight
- FortiInsight Cloud
- FortiIPAM
- FortiIsolator
- FortiIsolator Public Cloud
- FortiLAN Cloud
- FortiMail
- FortiMail Cloud
- FortiManager
- FortiManager Cloud
- FortiManager Private Cloud
- FortiManager Public Cloud
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR
- FortiNDR (on-premise) Private Cloud
- FortiNDR (on-premise) Public Cloud
- FortiNDR Cloud
- FortiNDR Cloud Sensors
- FortiPAM
- FortiPAM Private Cloud
- FortiPAM Public Cloud
- FortiPhish
- FortiPlanner
- FortiPolicy
- FortiPortal
- FortiPortal Public Cloud
- FortiPresence
- FortiPresence VM
- FortiProxy
- FortiProxy Private Cloud
- FortiProxy Public Cloud
- FortiRecon
- FortiRecorder
- FortiRPS
- FortiSandbox
- FortiSandbox Cloud
- FortiSandbox Private Cloud
- FortiSandbox Public Cloud
- FortiSASE
- FortiScanner
- FortiSIEM
- FortiSIEM Cloud
- FortiSOAR
- FortiSOAR Cloud
- FortiSwitch
- FortiSwitch Manager
- FortiTap
- FortiTester
- FortiTester Private Cloud
- FortiTester Public Cloud
- FortiToken
- FortiToken Cloud
- FortiTrust Identity
- FortiVoice
- FortiVoice Cloud
- FortiVoice Private Cloud
- FortiVoice Public Cloud
- FortiWAN
- FortiWAN Controller
- FortiWeb
- FortiWeb Cloud
- FortiWeb Manager Private Cloud
- FortiWeb Manager Public Cloud
- FortiWeb Private Cloud
- FortiWeb Public Cloud
- FortiWLM
- FortiZTP
- IPS Engine
- Managed FortiGate Service
- Overlay-as-a-Service
- Security Awareness and Training
- SOCaaS
- Wireless Controller
- Ordering Guides

Download PDF
Table of Contents

FortiSIEM External Systems Configuration Guide Online
Change Log
TABLE OF CONTENTS
Overview
FortiSIEM Port Usage
Supported Devices and Applications by Vendor
Applications
- Application Server
  - Apache Tomcat
  - IBM WebSphere
  - Microsoft ASP.NET
  - Oracle GlassFish Server
  - Oracle WebLogic
  - Redhat JBOSS
- Authentication Server
  - Cisco Access Control Server (ACS)
  - Cisco Duo
  - Cisco Identity Solution Engine (ISE)
  - CyberArk Password Vault
  - Fortinet FortiAuthenticator
  - Juniper Networks Steel-Belted RADIUS
  - Microsoft Internet Authentication Server (IAS)
  - Microsoft Network Policy Server (RAS VPN)
  - OneIdentity Safeguard
  - Vasco DigiPass
- Database Server
  - IBM DB2 Server
  - Microsoft SQL Server
  - MySQL Server
  - Oracle Database Server
- DHCP and DNS Server
  - Infoblox DNS/DHCP
  - ISC BIND DNS
  - Linux DHCP
  - Microsoft DHCP (2003, 2008)
  - Microsoft DNS (2003, 2008)
- Directory Server
  - Microsoft Active Directory
- Document Management Server
  - Microsoft SharePoint
- Healthcare IT
  - Epic EMR/EHR System
- Mail Server
  - Microsoft Exchange
- Management Server/Appliance
  - Cisco Application Centric Infrastructure (ACI)
  - FortiInsight
  - Fortinet FortiManager
  - HPE Integrated Lights-Out (iLO)
  - VMware NSX for vSphere
- Remote Desktop
  - Citrix Receiver (ICA)
- Source Code Control
  - GitHub
  - GitLab API
  - GitLab CLI
- Unified Communication Server
  - Avaya Call Manager
  - Cisco Call Manager
  - Cisco Contact Center
  - Cisco Presence Server
  - Cisco Tandeberg Telepresence Video Communication Server (VCS)
  - Cisco Telepresence Multipoint Control Unit (MCU)
  - Cisco Telepresence Video Communication Server
  - Cisco Unity Connection
- Web Server
  - Apache Web Server
  - Microsoft IIS for Windows 2000 and 2003
  - Microsoft IIS for Windows 2008
  - NGINX Web Server
Blade Servers
- Cisco UCS Server
- HP BladeSystem
Cloud Access Security Broker
- Fortinet FortiCASB
- Oracle Cloud Access Security Broker (CASB)
Cloud Applications
- Alicide.io KAudit
- AWS Access Key IAM Permissions and IAM Policies
- AWS CloudTrail API
- Amazon AWS EC2
- AWS EC2 CloudWatch API
- AWS Elastic Load Balancer
- AWS Kinesis
- AWS RDS
- AWS Security Hub
- AWS Simple Queue Service (SQS)
- Amazon Simple Storage Service (AWS S3)
- Box.com
- Cisco Umbrella
- Google Cloud Platform - Pub/Sub Integration
- Google Workspace (Formerly G Suite and Google Apps)
- Microsoft Azure Audit
- Microsoft Office365 Audit
- Microsoft Cloud App Security
- Microsoft Defender for Identity/Microsoft Azure ATP
- Microsoft Azure Compute
- Microsoft Azure Event Hub
- Okta
  - Adding Users from Okta
  - Configuring Okta Authentication
  - Logging In to Okta
  - Setting Up External Authentication
- Oracle Cloud Infrastructure
- Salesforce CRM Audit
- Zscaler Nanolog Streaming Service (NSS)
Console Access Devices
- Lantronix SLC Console Manager
End Point Security Software
- Bit9 Security Platform
- Carbon Black Security Platform
- Cisco AMP Cloud V0
- Cisco AMP Cloud V1
- Cisco Security Agent (CSA)
- CloudPassage Halo
- Crowdstrike
- Cybereason
- Digital Guardian CodeGreen DLP
- ESET NOD32 Anti-Virus
- FortiClient
- Fortinet FortiEDR
- Malwarebytes Breach Remediation
- MalwareBytes EndPoint Protection
- McAfee ePolicy Orchestrator (ePO)
- Microsoft Windows Defender ATP
- MobileIron Sentry and Connector
- Netwrix Auditor (via Correlog Windows Agent)
- Palo Alto Traps Endpoint Security Manager
- SentinelOne
- Sophos Central
- Sophos Endpoint Security and Control
- Symantec Endpoint Protection
- Symantec SEPM
- Tanium Connect
- Trend Micro Interscan Web Filter
- Trend Micro Intrusion Defense Firewall (IDF)
- Trend Micro OfficeScan
Firewalls
- Check Point FireWall-1
- Check Point Provider-1 Firewall
  - Configuring MDS for Check Point Provider-1 Firewalls
  - Configuring MLM for Check Point Provider-1 Firewalls
  - Configuring CMA for Check Point Provider-1 Firewalls
  - Configuring CLM for Check Point Provider-1 Firewalls
- Check Point VSX Firewall
- Cisco Adaptive Security Appliance (ASA)
- Cisco Firepower Threat Defense (FTD)
- Clavister Firewall
- Cyberoam Firewall
- Dell SonicWALL Firewall
- Fortinet FortiGate Firewall
- Hillstone Firewall
- Imperva Securesphere Web App Firewall
- Juniper Networks SSG Firewall
- McAfee Firewall Enterprise (Sidewinder)
- Palo Alto Firewall
- Sophos UTM Firewall
- Stormshield Network Security
- Tigera Calico
- UserGate UTM Firewall
- WatchGuard Firebox Firewall
Load Balancers and Application Firewalls
- Barracuda Web Application Firewall
- Brocade ServerIron ADX
- Citrix Netscaler Application Delivery Controller (ADC)
- F5 Networks Application Security Manager
- F5 Networks Local Traffic Manager
- F5 Networks Web Accelerator
- Fortinet FortiADC
- Qualys Web Application Firewall
- Zscaler Cloud Firewall
Log Aggregators
- Fortinet FortiAnalyzer
Network Compliance Management Applications
- Cisco Network Compliance Manager
- PacketFence Network Access Control (NAC) Integration
Network Detection and Response (NDR)
- Fortinet FortiNDR (Formerly FortiAI)
- Zeek Network Security Monitor (Previously known as Bro)
Network Intrusion Detection System
- Microsoft Advanced Threat Analytics (ATA) On Premise Platform
- Zeek Network Security Monitor (Previously known as Bro)
Network Intrusion Prevention Systems (IPS)
- 3COM TippingPoint UnityOne IPS
- AirTight Networks SpectraGuard
- Alert Logic IRIS API
- Armis Asset Intelligence Platform
- Cisco FireSIGHT and FirePower Threat Defense
- Cisco Intrusion Protection System
- Cisco Stealthwatch
- Claroty Continuous Threat Detection
- Corero Smartwall Threat Defense System
- Cylance Protect Endpoint Protection
- Cyphort Cortext Endpoint Protection
- Damballa Failsafe
- Darktrace CyberIntelligence Platform
- Dragos Platform
- FireEye Malware Protection System (MPS)
- FortiDDoS
- Fortinet FortiDeceptor
- Fortinet FortiNAC
- Fortinet FortiSandbox
- Fortinet FortiTester
- IBM Internet Security Series Proventia
- Juniper DDoS Secure
- Juniper Networks IDP Series
- McAfee IntruShield
- McAfee Stonesoft IPS
- Motorola AirDefense
- Nozomi
- Palo Alto Cortex XDR
- Radware DefensePro
- Snort Intrusion Prevention System
- Sourcefire 3D and Defense Center
- Trend Micro Deep Discovery
- Zeek (Bro) installed on Security Onion
Operational Technology
- APC Netbotz Environmental Monitor
- APC UPS
- Claroty Continuous Threat Detection
- Dragos Platform
- Generic UPS
- Hirschman SCADA Firewalls and Switches
- Liebert FPC
- Liebert HVAC
- Liebert UPS
- Microsoft Defender for IoT (Was CyberX OT/IoT Security)
- Nozomi Central Management Control
- Nozomi SCADAguardian
- OTORIO RAM2 (Risk Assessment, Monitoring and Management)
Routers and Switches
- Alcatel TiMOS and AOS Switch
- Arista Router and Switch
- ArubaOS-CX Switching Platform
- Brocade NetIron CER Routers
- Cisco 300 Series Routers
- Cisco IOS Router and Switch
  - How CPU and Memory Utilization is Collected for Cisco IOS
- Cisco Meraki Cloud Controller and Network Devices
- Cisco NX-OS Router and Switch
- Cisco ONS
- Cisco Viptela SDWAN Router
- Dell Force10 Router and Switch
- Dell NSeries Switch
- Dell PowerConnect Switch and Router
- Foundry Networks IronWare Router and Switch
- HP/3Com ComWare Switch
- HP ProCurve Switch
- HP Value Series (19xx) and HP 3Com (29xx) Switch
- Hirschman SCADA Firewalls and Switches
- Juniper Networks JunOS Switch
- Mikrotek Router
- Nortel ERS and Passport Switch
Security Gateways
- Barracuda Networks Spam Firewall
- Blue Coat Web Proxy
- Cisco IronPort Mail Gateway
- Cisco IronPort Web Gateway
- Fortinet FortiMail
- Fortinet FortiProxy
- Fortinet FortiWeb
- Imperva Securesphere DB Monitoring Gateway
- Imperva Securesphere Security Gateway
- McAfee Vormetric Data Security Manager
- McAfee Web Gateway
- Microsoft ISA Server
- Proofpoint
- Squid Web Proxy
- SSH Comm Security CryptoAuditor
- Websense Web Filter
Security Information and Event Management
- SAP Enterprise Threat Detection (ETD)
Security Orchestration (SOAR)
- Fortinet FortiSOAR
Servers and Workstations
- Apple MacOS Server
- HP UX Server
- IBM AIX Server
- IBM OS400 Server
- Linux Server
- Microsoft Windows Server
- QNAP Turbo NAS
- Sun Solaris Server
Storage
- Brocade SAN Switch
- Dell Compellant Storage
- Dell EqualLogic Storage
- EMC Clarion Storage
- EMC Isilon Storage
- EMC VNX Storage
- NetApp DataOnTap
- NetApp Filer Storage
- Nimble Storage
- Nutanix Storage
Threat Intelligence
- FortiInsight
- Fortinet FortiNDR (Formerly FortiAI)
- Lastline
- ThreatConnect
Virtualization
- HyperV
- HyTrust CloudControl
- KVM
- Nutanix Prism
- VMware ESX
VPN Gateways
- Cisco VPN 3000 Gateway
- Cyxtera AppGuard
- Juniper Networks SSL VPN Gateway
- Microsoft PPTP VPN Gateway
- Pulse Secure
Vulnerability Scanners
- AlertLogic
- Digital Defense Frontline Vulnerability Manager
- Green League WVSS
- McAfee Foundstone Vulnerability Scanner
- Qualys QualysGuard Scanner
- Qualys Vulnerability Scanner
- Rapid7 NeXpose Vulnerability Scanner (Vulnerability Management On-Premises)
- Rapid7 InsightVM (Platform Based Vulnerability Management)
- Tenable.io
- Tenable Nessus Vulnerability Scanner
- Tenable Security Center
- YXLink Vulnerability Scanner
WAN Accelerators
- Cisco Wide Area Application Server
- Riverbed SteelHead WAN Accelerator
Wireless LANs
- Aruba Networks Wireless LAN
- Cisco Wireless LAN
- CradlePoint
- FortiAP
- FortiWLC
- Motorola WiNG WLAN AP
- Ruckus Wireless LAN
- Ubiquiti
Using Virtual IPs to Access Devices in Clustered Environments
Syslog over TLS
SNMP V3 Traps
Flow Support
Appendix
- Access Credentials
- Ingesting JSON Formatted Events Received via HTTP(S) POST

Từ khóa » Hp Sonicwall

Dell SonicWALL Firewall - Fortinet Documentation Library

External Systems Configuration Guide

Dell SonicWALL Firewall

What is Discovered and Monitored

Event Types

Rules

Reports

Configuration

SNMP

Syslog

Example Syslog

Settings for Access Credentials

Dell SonicWALL Firewall

What is Discovered and Monitored

Event Types

Rules

Reports

Configuration

SNMP

Syslog

Example Syslog

Settings for Access Credentials

SonicWall: Next-Gen Firewalls & Cybersecurity Solutions

SonicWall - Wikipedia

HPE Switch Series - Information For Using With Sonicwall Firewall

Sonic Wall VLAN And HP Switches - Spiceworks Community

SonicWALL - Innocom Technologies

SonicWall Gen7 Firewalls Stuck In Reboot Loop Since Thursday

Priyanka HP - Network Security Engineer - SonicWall - LinkedIn

3m Hp To Sonicwall 10g Sfp+ Pdac - SHI

Sonicwall SOHO Wholesale Trader From Hyderabad

This Escalated Quickly. VLan Setup - Ubiquiti Community

SonicWALL NSA 2600 W 2xSonicWave 432e, TotalSecure Adv Ed ...

Liên Hệ