Fortinet black logo

Administration Guide

Home FortiNDR 7.0.3 Administration Guide
7.0.3
7.4.3
7.4.2
7.4.1
7.4.0
7.2.3
7.2.2
7.2.1
7.2.0
7.1.0
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0

Initial setup

Initial setup

For the meaning of LEDs, see the Quick Start Guide (QSG).

Internet Access

For FortiGuard updates please have a stable internet access from the FortiNDR unit. Go to System > FortiGuard for updates via Internet. For offline deployments please refer to Appendix D - FortiGuard Updates.

Ports

Port1 and port2 are hard-coded to be management port and sniffer port.

The following is the initial port configuration.

Port Type Function

Port1

10GE copper (10G or 1G autodetect)

Management port, GUI, Fabric devices files receiving, REST API, ICAP.

Default IP address is 192.168.1.88 using admin with no password.

Port2

10GE copper (10G or 1G autodetect)

Sniffer port.

Port3

Port4

1G Copper

High availability

Port5

Port6

Port7

Port8

10G SPF+ fiber (gen3 only)

Reserve for future use*

Console

Serial port

Console serial port.

9600 baud, 8 data bits, 1 stop bit, no parity, XON/XOFF.
Note

While the FortiGate port2 sniffer comes in 10GE copper, it also auto detects 1/10G interfaces. If the switch supports SFP+, you can use the FN-TRAN-SFP+GC transceiver.

SKU: FN-TRAN-SFP+GC

Product Name: 10GE copper SFP+ RJ45 transceiver (30m range)

Description: 10GE copper SFP+ RJ45 Fortinet transceiver (30m range) for systems with SFP+ slots.

10GE copper supports up to 100m cable distance to switch or FortiGate. Ideally the shorter the cable the better the performance, avoiding retransmission and packet loss over physical medium.
Note

Use CAT 8 copper cable to achieve the maximum performance of up to 40Gbps for sniffer. For differences in CAT cables, see https://www.cablesandkits.com/learning-center/what-are-cat8-ethernet-cables.
Note

*For customers who are required to use SFP+ ports (available in gen3 hardware only) for management and capture (sniffer), pls contact local CSE for details.
Previous
Next

Initial setup

For the meaning of LEDs, see the Quick Start Guide (QSG).

Internet Access

For FortiGuard updates please have a stable internet access from the FortiNDR unit. Go to System > FortiGuard for updates via Internet. For offline deployments please refer to Appendix D - FortiGuard Updates.

Ports

Port1 and port2 are hard-coded to be management port and sniffer port.

The following is the initial port configuration.

Port Type Function

Port1

10GE copper (10G or 1G autodetect)

Management port, GUI, Fabric devices files receiving, REST API, ICAP.

Default IP address is 192.168.1.88 using admin with no password.

Port2

10GE copper (10G or 1G autodetect)

Sniffer port.

Port3

Port4

1G Copper

High availability

Port5

Port6

Port7

Port8

10G SPF+ fiber (gen3 only)

Reserve for future use*

Console

Serial port

Console serial port.

9600 baud, 8 data bits, 1 stop bit, no parity, XON/XOFF.
Note

While the FortiGate port2 sniffer comes in 10GE copper, it also auto detects 1/10G interfaces. If the switch supports SFP+, you can use the FN-TRAN-SFP+GC transceiver.

SKU: FN-TRAN-SFP+GC

Product Name: 10GE copper SFP+ RJ45 transceiver (30m range)

Description: 10GE copper SFP+ RJ45 Fortinet transceiver (30m range) for systems with SFP+ slots.

10GE copper supports up to 100m cable distance to switch or FortiGate. Ideally the shorter the cable the better the performance, avoiding retransmission and packet loss over physical medium.
Note

Use CAT 8 copper cable to achieve the maximum performance of up to 40Gbps for sniffer. For differences in CAT cables, see https://www.cablesandkits.com/learning-center/what-are-cat8-ethernet-cables.
Note

*For customers who are required to use SFP+ ports (available in gen3 hardware only) for management and capture (sniffer), pls contact local CSE for details.
Previous
Next