Fortinet black logo

New Features

Home FortiManager 7.4.0 New Features
7.4.0
7.4.0
7.2.0
7.0.0
6.4.0
6.2.7
6.2.3
6.2.2
6.2.1
6.2.0

Create a new policy based on the logged traffic and traffic hit count 7.4.1

Create a new policy based on the logged traffic and traffic hit count 7.4.1

Note

This information is also available in the FortiManager 7.4 Administration Guide:

In FortiManager 7.4.1, you can create a new policy based on the logged traffic and traffic hit count.

To create a new policy based on the logged traffic and traffic hit count.
  1. Configure the following:
    • A Firewall Policy is configured on the FortiGate.
    • The FortiGate is sending its traffic to FortiAnalyzer.
    • The FortiAnalyzer is managed by FortiManager and the FortiGate logs can be viewed on FortiManager in Log View > FortiGate.

  2. Go to FortiView > Traffic > Policy Hits to see hit counts for each policy.
  3. Right click on each row to see options to Create Policy.
  4. On the new page, users can create a new Policy based on traffic logs filtered by corresponding policy UUID. Logs can be grouped by Source IP, Destination IP and Service.
  5. Select the desired criteria and click Create. A new page dialog opens, and users can edit the template and select where to add the new policy:
    • Create New Policy Block
    • Add to Existing Policy Block
    • Insert Before Package Policy


  6. Click OK to preview the policy objects.
  7. Click Next to preview the policy that will be added.
  8. Click Next to add the policy(s).
  9. Close the dialog or click Jump to Inserted Policy to view the policy in Policy Packages.
    In the example below, the user has chosen Insert Before Policy Package, and the new policies are added on top of the existing policy.
Previous
Next

Create a new policy based on the logged traffic and traffic hit count 7.4.1

Note

This information is also available in the FortiManager 7.4 Administration Guide:

In FortiManager 7.4.1, you can create a new policy based on the logged traffic and traffic hit count.

To create a new policy based on the logged traffic and traffic hit count.
  1. Configure the following:
    • A Firewall Policy is configured on the FortiGate.
    • The FortiGate is sending its traffic to FortiAnalyzer.
    • The FortiAnalyzer is managed by FortiManager and the FortiGate logs can be viewed on FortiManager in Log View > FortiGate.

  2. Go to FortiView > Traffic > Policy Hits to see hit counts for each policy.
  3. Right click on each row to see options to Create Policy.
  4. On the new page, users can create a new Policy based on traffic logs filtered by corresponding policy UUID. Logs can be grouped by Source IP, Destination IP and Service.
  5. Select the desired criteria and click Create. A new page dialog opens, and users can edit the template and select where to add the new policy:
    • Create New Policy Block
    • Add to Existing Policy Block
    • Insert Before Package Policy


  6. Click OK to preview the policy objects.
  7. Click Next to preview the policy that will be added.
  8. Click Next to add the policy(s).
  9. Close the dialog or click Jump to Inserted Policy to view the policy in Policy Packages.
    In the example below, the user has chosen Insert Before Policy Package, and the new policies are added on top of the existing policy.
Previous
Next