To enable logging on the Firewall Policy, go to Policy & Objects > Firewall Policy.
Select FG_LAN_INTERNET > click Edit (or just double-click).
Under Security Profiles > enable (toggle): Antivirus, Application Control, IPS.
Under Logging Options > enable (toggle) Log Allowed Traffic > All Sessions > click OK.
You can create a new profile or edit the existing Security Profiles.
To view the FortiGate traffic logs, go to Log & Report > Forward Traffic.
Select a specific log > click Details.
Notice the Application Name: Facebook, Category: Social Media, Security Action: Allowed and Policy ID: FG_LAN_INTERNET.
You can narrow down the search by clicking Add Filter.
In this example, I chose the Application Name: YouTube.
The FortiGate displayed only the Forward Traffic logs related to YouTube.
The Chrome web browser has a built-in security feature, so I used Internet Explorer instead to test the Antivirus Security Profile. Go to wicar.org to download a test malware file.
Notice it displayed a High Security Alert when a virus was detected.
To view the Antivirus log, go to Log & Report > Antivirus.
Select a specific Antivirus log > click Details.
Notice the Threat Level: Critical which has a Threat Score: 50.
You can also view the FortiGate top talkers in the Dashboard > FortiView.
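The same application filter and top-talker view can be reproduced offline against exported logs. The following is an added example, not part of the original post or Fortinet's own code: it assumes logs exported in the FortiOS key=value text format with the field names type, subtype, srcip, app, sentbyte and rcvdbyte, and the sample lines are constructed for illustration.

```python
import shlex
from collections import Counter

# Constructed sample lines in FortiOS key=value style (not captured from a real device).
# The last line is deliberately truncated to show how a damaged record is handled.
SAMPLE_LOGS = '''\
date=2024-01-15 time=10:01:02 type="traffic" subtype="forward" srcip=192.168.1.10 dstip=203.0.113.5 policyname="FG_LAN_INTERNET" action="accept" app="Facebook" appcat="Social.Media" sentbyte=1200 rcvdbyte=8800
date=2024-01-15 time=10:02:10 type="traffic" subtype="forward" srcip=192.168.1.11 dstip=203.0.113.9 policyname="FG_LAN_INTERNET" action="accept" app="YouTube" appcat="Video/Audio" sentbyte=3000 rcvdbyte=97000
date=2024-01-15 time=10:03:44 type="traffic" subtype="forward" srcip=192.168.1.10 dstip=203.0.113.9 policyname="FG_LAN_INTERNET" action="accept" app="YouTube" appcat="Video/Audio" sentbyte=2000 rcvdbyte=48000
date=2024-01-15 time=10:04:30 type="utm" subtype="virus" srcip=192.168.1.12 action="blocked" crscore=50 crlevel="critical"
date=2024-01-15 time=10:05:00 type="traffic" subtype="forward" srcip=192.168.1.13 app="You
'''

def parse_line(line):
    """Split one key=value log line into a dict; shlex keeps quoted values with spaces intact."""
    fields = {}
    for token in shlex.split(line):
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value
    return fields

def forward_traffic(text, app=None):
    """Yield forward-traffic records, optionally only those matching one application name."""
    for line in text.splitlines():
        try:
            rec = parse_line(line)
        except ValueError:  # unbalanced quote, e.g. a truncated export line
            continue
        if rec.get("type") != "traffic" or rec.get("subtype") != "forward":
            continue  # skips UTM records such as the antivirus event
        if app and rec.get("app", "").lower() != app.lower():
            continue
        yield rec

def top_talkers(records, n=3):
    """Rank source IPs by total bytes (sent + received), like a top-talkers view."""
    totals = Counter()
    for rec in records:
        src = rec.get("srcip", "unknown")
        totals[src] += int(rec.get("sentbyte", 0)) + int(rec.get("rcvdbyte", 0))
    return totals.most_common(n)

if __name__ == "__main__":
    for rec in forward_traffic(SAMPLE_LOGS, app="YouTube"):
        print(rec["time"], rec["srcip"], rec["app"], rec["action"])
    print(top_talkers(forward_traffic(SAMPLE_LOGS)))
```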