Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Administration Guide

Configuring the SNMP agent

The SNMP agent sends SNMP traps that originate on the FortiSandbox system to an external monitoring SNMP manager defined in one of the FortiSandbox SNMP communities. Typically an SNMP manager is an application on a local computer that can read the SNMP traps and generate reports or graphs from them.

The SNMP manager can monitor the FortiSandbox system to determine if it is operating properly, or if any critical events are occurring. The description, location, and contact information for this FortiSandbox system is part of the information for the SNMP manager. This information is useful if the SNMP manager is monitoring many devices, and it will enable faster responses when the FortiSandbox system requires attention.

To configure the SNMP agent:
  1. Go to System > SNMP.
  2. Configure the following settings:

    SNMP Agent

    Enable the FortiSandbox SNMP agent to send FortiSandbox SNMP traps. Disable to stop sending SNMP traps.

    Description

    Description of this FortiSandbox system to help uniquely identify this unit.

    Location

    Location of this FortiSandbox system to help find it if it requires attention.

    Contact

    Contact information for the person in charge of this FortiSandbox system.

    SNMP v1/v2c

    Create, edit, or delete SNMP v1 and v2c communities. You can enable or disable communities in the edit page. Columns include Community Name, Queries, Traps, and Enable.

    SNMP v3

    Create, edit, or delete SNMP v3 entries. You can enable or disable queries in the edit page. Columns include User Name, Security Level, Notification Host, and Queries.

To create a new SNMP v1/v2c community:
  1. Go to System > SNMP.
  2. In the SNMP v1/v2c section, click Create New.
  3. Configure the following settings:

    Enable

    Select to enable the SNMP community.

    Community Name

    Enter a name to identify the SNMP community.

    Hosts

    The list of hosts that can use the settings in this SNMP community to monitor the FortiSandbox system.

     

    IP/Netmask

    Enter the IP address and netmask of the SNMP hosts. Click Add to add additional hosts.

    Queries v1

    Enter the port number and select to enable. Enable queries for each SNMP version that the FortiSandbox system uses.

    Queries v2c

    Enter the port number and select to enable. Enable queries for each SNMP version that the FortiSandbox system uses.

    Traps v1

    Enter the local port number, remote port number, and select to enable. Enable traps for each SNMP version that the FortiSandbox system uses.

    Traps v2c

    Enter the local port number, remote port number, and select to enable. Enable traps for each SNMP version that the FortiSandbox system uses.

    SNMP Events

    Enable the events that will cause the FortiSandbox unit to send SNMP traps to the community.

    • CPU usage is high
    • Memory usage is high
    • Log disk usage is high
    • Malware is detected
    • Topology map for cluster has changed
    • Health check status for cluster has changed
  4. Click OK.
To create a new SNMP v3 user:
  1. Go to System > SNMP.
  2. In the SNMP v3 section, click Create New.
  3. Configure the following settings:

    Username

    Enter the name of the SNMPv3 user.

    Security Level

    Select the security level of the user. Select one of the following:

    • None
    • Authentication only
    • Encryption and authentication

    Authentication

    Authentication is required when Security Level is either Authentication only or Encryption and authentication.

     

    Method

    Select the authentication method:

    • MD5 (Message Digest 5 algorithm)
    • SHA1 (Secure Hash algorithm)

     

    Password

    Enter the authentication password of at least eight characters.

    Encryption

    Encryption is required when Security Level is Encryption and authentication.

     

    Method

    Select the encryption method: DES or AES.

     

    Key

    Enter the encryption key of at least eight characters.

    Notification Hosts (Traps)

     

    IP/Netmask

    Enter the IP address and netmask. Click Add to add additional hosts.

    Query

     

    Port

    Enter the port number. Select to Enable the query port.

    SNMP V3 Events

    Select the SNMP events to be associated with that user. 

    • CPU usage is high
    • Memory usage is high
    • Log disk usage is high
    • Malware is detected
    • Topology map for cluster has changed
    • Health check status for cluster has changed
  4. Click OK.

Configuring the SNMP agent

The SNMP agent sends SNMP traps that originate on the FortiSandbox system to an external monitoring SNMP manager defined in one of the FortiSandbox SNMP communities. Typically an SNMP manager is an application on a local computer that can read the SNMP traps and generate reports or graphs from them.

The SNMP manager can monitor the FortiSandbox system to determine if it is operating properly, or if any critical events are occurring. The description, location, and contact information for this FortiSandbox system is part of the information for the SNMP manager. This information is useful if the SNMP manager is monitoring many devices, and it will enable faster responses when the FortiSandbox system requires attention.

To configure the SNMP agent:
  1. Go to System > SNMP.
  2. Configure the following settings:

    SNMP Agent

    Enable the FortiSandbox SNMP agent to send FortiSandbox SNMP traps. Disable to stop sending SNMP traps.

    Description

    Description of this FortiSandbox system to help uniquely identify this unit.

    Location

    Location of this FortiSandbox system to help find it if it requires attention.

    Contact

    Contact information for the person in charge of this FortiSandbox system.

    SNMP v1/v2c

    Create, edit, or delete SNMP v1 and v2c communities. You can enable or disable communities in the edit page. Columns include Community Name, Queries, Traps, and Enable.

    SNMP v3

    Create, edit, or delete SNMP v3 entries. You can enable or disable queries in the edit page. Columns include User Name, Security Level, Notification Host, and Queries.

To create a new SNMP v1/v2c community:
  1. Go to System > SNMP.
  2. In the SNMP v1/v2c section, click Create New.
  3. Configure the following settings:

    Enable

    Select to enable the SNMP community.

    Community Name

    Enter a name to identify the SNMP community.

    Hosts

    The list of hosts that can use the settings in this SNMP community to monitor the FortiSandbox system.

     

    IP/Netmask

    Enter the IP address and netmask of the SNMP hosts. Click Add to add additional hosts.

    Queries v1

    Enter the port number and select to enable. Enable queries for each SNMP version that the FortiSandbox system uses.

    Queries v2c

    Enter the port number and select to enable. Enable queries for each SNMP version that the FortiSandbox system uses.

    Traps v1

    Enter the local port number, remote port number, and select to enable. Enable traps for each SNMP version that the FortiSandbox system uses.

    Traps v2c

    Enter the local port number, remote port number, and select to enable. Enable traps for each SNMP version that the FortiSandbox system uses.

    SNMP Events

    Enable the events that will cause the FortiSandbox unit to send SNMP traps to the community.

    • CPU usage is high
    • Memory usage is high
    • Log disk usage is high
    • Malware is detected
    • Topology map for cluster has changed
    • Health check status for cluster has changed
  4. Click OK.
To create a new SNMP v3 user:
  1. Go to System > SNMP.
  2. In the SNMP v3 section, click Create New.
  3. Configure the following settings:

    Username

    Enter the name of the SNMPv3 user.

    Security Level

    Select the security level of the user. Select one of the following:

    • None
    • Authentication only
    • Encryption and authentication

    Authentication

    Authentication is required when Security Level is either Authentication only or Encryption and authentication.

     

    Method

    Select the authentication method:

    • MD5 (Message Digest 5 algorithm)
    • SHA1 (Secure Hash algorithm)

     

    Password

    Enter the authentication password of at least eight characters.

    Encryption

    Encryption is required when Security Level is Encryption and authentication.

     

    Method

    Select the encryption method: DES or AES.

     

    Key

    Enter the encryption key of at least eight characters.

    Notification Hosts (Traps)

     

    IP/Netmask

    Enter the IP address and netmask. Click Add to add additional hosts.

    Query

     

    Port

    Enter the port number. Select to Enable the query port.

    SNMP V3 Events

    Select the SNMP events to be associated with that user. 

    • CPU usage is high
    • Memory usage is high
    • Log disk usage is high
    • Malware is detected
    • Topology map for cluster has changed
    • Health check status for cluster has changed
  4. Click OK.