Fortinet black logo

OFTP - Optimized Fabric Transfer Protocol

6.4.0
Copy Link
Copy Doc ID 23a6ef88-6864-11ea-9384-00505692583a:109281
Download PDF

OFTP - Optimized Fabric Transfer Protocol

The Optimized Fabric Transfer Protocol (OFTP) is used when information is synchronized between FortiAnalyzer and FortiGate. Remote logging and archiving can be configured on the FortiGate to send logs to a FortiAnalyzer (and/or FortiManager) unit.

OFTP listens on ports TCP/514 and UDP/514.

You can connect to a FortiAnalyzer unit from a FortiGate unit using Automatic Discovery, so long as both units are on the same network. Connecting these devices in this way does not use OFTP. Instead, the Fortinet Discovery Protocol (FDP) is used to locate the FortiAnalyzer unit.

When you select Automatic Discovery, the FortiGate unit uses HELLO packets to locate any FortiAnalyzer units that are available on the network within the same subnet. When the FortiGate unit discovers the FortiAnalyzer unit, the FortiGate unit automatically enables logging to the FortiAnalyzer unit and begins sending log data.

CLI command - To connect to FortiAnalyzer using automatic discovery:

config log fortianalyzer setting

set status [enable | disable]

set server <ip_address>

set gui-display [enable | disable]

set address-mode auto-discovery

end

Note

If your FortiGate unit is in Transparent mode, the interface using the automatic discovery feature will not carry traffic.

To send logs from FortiGate to FortiAnalyzer:
  1. Go to Log & Report > Log Settings and enable Send logs to FortiAnalyzer/FortiManager (under Remote Logging and Archiving).
  2. Enter the FortiAnalyzer unit's IP address in the IP address field provided.
  3. For Upload option, select either Real Time to upload logs as they come across the FortiGate unit, or Every Minute, or Every 5 Minutes.
  4. Logs sent to FortiAnalyzer can be encrypted by enabling SSL encrypt log transmission.

OFTP - Optimized Fabric Transfer Protocol

The Optimized Fabric Transfer Protocol (OFTP) is used when information is synchronized between FortiAnalyzer and FortiGate. Remote logging and archiving can be configured on the FortiGate to send logs to a FortiAnalyzer (and/or FortiManager) unit.

OFTP listens on ports TCP/514 and UDP/514.

You can connect to a FortiAnalyzer unit from a FortiGate unit using Automatic Discovery, so long as both units are on the same network. Connecting these devices in this way does not use OFTP. Instead, the Fortinet Discovery Protocol (FDP) is used to locate the FortiAnalyzer unit.

When you select Automatic Discovery, the FortiGate unit uses HELLO packets to locate any FortiAnalyzer units that are available on the network within the same subnet. When the FortiGate unit discovers the FortiAnalyzer unit, the FortiGate unit automatically enables logging to the FortiAnalyzer unit and begins sending log data.

CLI command - To connect to FortiAnalyzer using automatic discovery:

config log fortianalyzer setting

set status [enable | disable]

set server <ip_address>

set gui-display [enable | disable]

set address-mode auto-discovery

end

Note

If your FortiGate unit is in Transparent mode, the interface using the automatic discovery feature will not carry traffic.

To send logs from FortiGate to FortiAnalyzer:
  1. Go to Log & Report > Log Settings and enable Send logs to FortiAnalyzer/FortiManager (under Remote Logging and Archiving).
  2. Enter the FortiAnalyzer unit's IP address in the IP address field provided.
  3. For Upload option, select either Real Time to upload logs as they come across the FortiGate unit, or Every Minute, or Every 5 Minutes.
  4. Logs sent to FortiAnalyzer can be encrypted by enabling SSL encrypt log transmission.