Fortinet black logo

Administration Guide

SOC monitor dashboards

SOC monitor dashboards

SOC monitors include predefined dashboards.

Both predefined and custom dashboards can be modified with widgets, including: Threats widgets, Compromised Hosts widgets, Traffic widgets, Applications & Websites widgets, VPN widgets, WiFi widgets, Endpoints widgets, System widgets, Threat Research widgets, Security Fabric widgets, and FortiClient Software widgets.

For example, the default Threat Monitor dashboard includes four widgets: Threat Map, Top Threat Destinations, Top Threats, and Top Virus Incidents Over Time. These widgets can be removed, enlarged, reduced, or customized, and new widgets can be added to the dashboard.

For more information, see Customizing the Monitors dashboard.

SOC Monitors includes the following predefined dashboards:

Threats

Monitors the top security threats to your network.

Traffic

Monitors the traffic on your network.

Applications & Websites

Monitors the application and website traffic on your network.

Compromised Hosts

Monitors compromises and suspicious web use in your network.

FortiSandbox Detections

Monitors FortiSandbox detections on your network.

Endpoints

Monitors endpoint activity on your network.

Fabric State of Security

Monitors your network's Security Fabric rating, score, and topology.

This information for this dashboard is available after you create a Security Fabric group in FortiGate and add it in FortiAnalyzer. The Security Fabric can be selected in the settings options for each widget.

VPN

Monitors VPN activity on your network.

WiFi

Monitors WiFi access points and SSIDs.

Local System Performance

Monitors the local system performance of the FortiAnalyzer unit.

FortiClient Software Inventory

Monitors the FortiClient endpoints sending logs to FortiAnalyzer.

Archive

Includes FortiAnalyzer NOC-SOC modules from versions prior to 6.2.0.

Note

When upgrading versions prior to FortiAnalyzer 6.2.0, custom dashboards will not be migrated and must be recreated.

SOC monitor dashboards

SOC monitors include predefined dashboards.

Both predefined and custom dashboards can be modified with widgets, including: Threats widgets, Compromised Hosts widgets, Traffic widgets, Applications & Websites widgets, VPN widgets, WiFi widgets, Endpoints widgets, System widgets, Threat Research widgets, Security Fabric widgets, and FortiClient Software widgets.

For example, the default Threat Monitor dashboard includes four widgets: Threat Map, Top Threat Destinations, Top Threats, and Top Virus Incidents Over Time. These widgets can be removed, enlarged, reduced, or customized, and new widgets can be added to the dashboard.

For more information, see Customizing the Monitors dashboard.

SOC Monitors includes the following predefined dashboards:

Threats

Monitors the top security threats to your network.

Traffic

Monitors the traffic on your network.

Applications & Websites

Monitors the application and website traffic on your network.

Compromised Hosts

Monitors compromises and suspicious web use in your network.

FortiSandbox Detections

Monitors FortiSandbox detections on your network.

Endpoints

Monitors endpoint activity on your network.

Fabric State of Security

Monitors your network's Security Fabric rating, score, and topology.

This information for this dashboard is available after you create a Security Fabric group in FortiGate and add it in FortiAnalyzer. The Security Fabric can be selected in the settings options for each widget.

VPN

Monitors VPN activity on your network.

WiFi

Monitors WiFi access points and SSIDs.

Local System Performance

Monitors the local system performance of the FortiAnalyzer unit.

FortiClient Software Inventory

Monitors the FortiClient endpoints sending logs to FortiAnalyzer.

Archive

Includes FortiAnalyzer NOC-SOC modules from versions prior to 6.2.0.

Note

When upgrading versions prior to FortiAnalyzer 6.2.0, custom dashboards will not be migrated and must be recreated.