
FORTINET DOCUMENT LIBRARY
http://docs.fortinet.com

FORTINET VIDEO GUIDE
http://video.fortinet.com

FORTINET BLOG
https://blog.fortinet.com

CUSTOMER SERVICE & SUPPORT
https://support.fortinet.com
http://cookbook.fortinet.com/how-to-work-with-fortinet-support/

FORTIGATE COOKBOOK
http://cookbook.fortinet.com

FORTINET TRAINING SERVICES
http://www.fortinet.com/training

FORTIGUARD CENTER
http://www.fortiguard.com

FORTICAST
http://forticast.fortinet.com

END USER LICENSE AGREEMENT
http://www.fortinet.com/doc/legal/eula.pdf

FORTINET PRIVACY POLICY
https://www.fortinet.com/corporate/about-us/privacy.html

FEEDBACK
Email: techdocs@fortinet.com

03/30/2018
FortiSIEM - NFS Storage Guide
Revision 1

TABLE OF CONTENTS

Change Log
Installing NFS Server for FortiSIEM Event Storage
    Installation in CentOS Linux 6.x
    Installation in AWS Environment

Change Log

Date          Change Description
03-30-2018    Initial version of FortiSIEM - NFS Storage Guide

Installing NFS Server for FortiSIEM Event Storage

When you install FortiSIEM, you have the option to use either local storage or NFS storage. For cluster deployments using Workers, an NFS Server is required for the Supervisor and Workers to communicate with each other. This document describes how to set up and configure NFS servers for use with FortiSIEM.

NFS Server on Windows is not supported.

If Elasticsearch is chosen as the Event Database, the Supervisor needs an additional 8 GB RAM. In this case, the minimum requirement of the Supervisor is 32 GB RAM.

If NFS is chosen as the storage option, FortiSIEM mounts the NFS partition using the NFSv3 protocol by default. However, most Linux-based NFS servers and commercial servers also support the NFSv4.1 protocol, which allows parallel I/O from threads/processes on the same node. NFSv3 serializes I/O across threads/processes on one machine. Based on FortiSIEM performance testing with the NFSv4.1 protocol, if your NFS server supports NFSv4.1, it is recommended to change the mount option manually on the Supervisor and all Workers and reboot the cluster. In /etc/fstab, change nfsvers=3 to nfsvers=4.1. Make sure you test this on a separate mount point before making the change on the FortiSIEM cluster.

Installation in CentOS Linux 6.x

Follow the steps below to install NFS Server in CentOS Linux 6.x:

1. Log in to CentOS 6.x as 'root'.

2. Download and install the NFS packages using the command:

       yum install nfs-utils nfs-utils-lib

3. Run the NFS server start-up scripts:

       chkconfig nfs on
       service rpcbind start
       service nfs start

4. Check the NFS service status and make sure the nfsd service is running, using the command:

       service nfs status

5. Create a new directory on a large volume to share with the FortiSIEM Supervisor and Worker nodes, and change the access permissions to give FortiSIEM access to the directory, using the commands:

       mkdir /FortiSIEM
       chmod -R 777 /FortiSIEM

6. Edit the /etc/exports file to share the /FortiSIEM directory with the FortiSIEM Supervisor and Worker nodes by running:

       vi /etc/exports

   Add one line per node:

       /FortiSIEM <Supervisor_IP_Address>(rw,sync,no_root_squash)
       /FortiSIEM <Worker1_IP_Address>(rw,sync,no_root_squash)
       /FortiSIEM <Worker2_IP_Address>(rw,sync,no_root_squash)

7. Save your changes to /etc/exports and restart the NFS server using the command:

       service nfs restart

8. Check the shared directories using the command:

       showmount -e localhost

   Example:

       Export list for localhost
       /FortiSIEM <Supervisor_IP_Address>,<Worker1_IP_Address>,<Worker2_IP_Address>
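The nfsvers=3 to nfsvers=4.1 mount-option change described at the start of this section can be staged on a copy of /etc/fstab before it is applied to the Supervisor and Workers. The script below is an added example, not part of the Fortinet guide; the function names are hypothetical and the fstab contents in its comments are constructed.

```bash
#!/usr/bin/env bash
# Added example: rewrite nfsvers=3 to nfsvers=4.1 on NFS entries only.
# Comments, blank lines and non-NFS filesystems pass through unchanged, so a
# stray "nfsvers=3" in a comment or another option string is never edited.

# nfs41_fstab FILE -> prints the rewritten fstab on stdout (FILE is not modified)
nfs41_fstab() {
  awk '
    /^[ \t]*#/ || NF < 4 { print; next }        # comments, blanks, short lines
    $3 == "nfs" {
      n = split($4, opt, ","); out = ""; hit = 0
      for (i = 1; i <= n; i++) {
        # match the whole option, not a substring of another option
        if (opt[i] == "nfsvers=3" || opt[i] == "vers=3") { opt[i] = "nfsvers=4.1"; hit = 1 }
        out = out (i > 1 ? "," : "") opt[i]
      }
      if (hit) $4 = out                         # awk rejoins fields with single spaces
    }
    { print }
  ' "$1"
}

# nfs41_changed FILE -> number of lines the rewrite would change
nfs41_changed() {
  nfs41_fstab "$1" | diff "$1" - | grep -c '^>' || true
}

# Typical use (constructed paths):
#   cp /etc/fstab /root/fstab.before
#   nfs41_fstab /etc/fstab > /root/fstab.nfs41
#   diff /etc/fstab /root/fstab.nfs41      # review before installing the new file
```

Mount the export on a scratch mount point with the rewritten options first, as the guide advises, and install the staged file only after that test mount succeeds.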

Installation in AWS Environment

Follow the steps below to install NFS Server in an AWS Environment:

Step 1: Launch FortiSIEM Supervisor from AWS Marketplace

1. Log on to your AWS account.
2. Go to Services > Compute > EC2.
3. Click EC2 Dashboard > Launch Instance.
4. Select HVM Amazon Linux 2 LTS AMI (HVM) 64-bit Instance.
5. Click Compute Optimized C5 Instance.
6. Configure the Instance details following the steps:
   a. Choose '1' in the number of instances.
   b. Choose 'Network' as the VPC selected for Supervisor and Worker nodes.
   c. Choose 'Subnet' as the subnet where you want to launch FortiSIEM VMs.
   d. Set Auto-assign public IP as 'Disabled'.
   e. Set Shutdown behavior as 'Stop'.
   f. Check Enable termination protection.
   g. In Network Interfaces, choose the Primary IP as the Private IP of your choice within that subnet. You can select 'Auto-Assign', which is the default option.
   h. Click Add Storage. You can use the default for the root partition. Since you need storage for event data, add a new EBS volume based on your storage requirements (minimum 50GB).
   i. Click Add Tags. You can add a tag similar to FortiSIEM EventDB NFS to search the instance.
   j. Click Configure Security Group.
   k. Create a new Security Group and keep the defaults which are needed for FortiSIEM to operate.
   l. Click Review and Launch and click Launch.
   m. Select Create a new key pair and provide a key pair name of your choice.
   n. Click Download Key Pair and save the .pem file.
   o. Click Launch Instance and wait for the instance to start.
7. Configure Elastic IP following the steps:
   a. Go to EC2 Dashboard > Elastic IPs.
   b. Click Allocate New Address.
   c. Select VPC and click Allocate. The IP address will be allocated.
   d. Click the Elastic IP that was allocated.
   e. Click Actions > Associate address and select the instance by searching the tag you created in Step 6i.
   f. Click Associate.

Step 2: Start and Configure NFS Server

Do not press any control keys (for example, Ctrl-C or Ctrl-Z) while configuring the virtual appliances, as this may cause the installation process to stop. If this happens, you must erase the virtual appliance and start the installation process again.

1. SSH into the Supervisor console as user 'ec2-user', using the key pair from Step 6m above. For details about connecting to the instance, see here.

2. Configure the NFS mount point access to give the FortiSIEM internal IP full access. An example of creating a 1TB EventDB volume and exporting it as NFS is shown below. Device and volume names appear as captured in the original session, which refers to the new volume as both /dev/nvme1n1 and /dev/sdb and mixes VGEventDB/LVEventDB with lowercase paths; use the device name reported on your instance and keep the LVM names consistent, since they are case-sensitive.

    [ec2-user@ip-10-0-5-152 ~]$ sudo su -
    Last login: Tue Mar 27 23:57:47 UTC 2018 on pts/0
    [root@ip-10-0-5-152 ~]# yum update -y
    [root@ip-10-0-5-152 ~]# reboot
    [root@ip-10-0-5-152 ~]# pvcreate /dev/nvme1n1
      Physical volume "/dev/nvme1n1" successfully created.
    [root@ip-10-0-5-152 ~]# pvdisplay
      "/dev/sdb" is a new physical volume of "1.00 TiB"
      --- NEW Physical volume ---
      PV Name               /dev/sdb
      VG Name
      PV Size               1.00 TiB
      Allocatable           NO
      PE Size               0
      Total PE              0
      Free PE               0
      Allocated PE          0
      PV UUID               7xOcO0-vuaA-3djP-CerD-TxPd-9Uge-1fm0hk
    [root@ip-10-0-5-152 ~]# vgcreate VGEventDB /dev/sdb
      Volume group "VGEventDB" successfully created
    [root@ip-10-0-5-152 ~]# lvcreate -l 100%vg -n LVEventDB VGEventDB
      Logical volume "LVEventDB" created.
    [root@ip-10-0-5-152 ~]# mkfs.ext4 -j /dev/vgeventdb/lveventdb
    mke2fs 1.42.9 (28-Dec-2013)
    Filesystem label=
    OS type: Linux
    Block size=4096 (log=2)
    Fragment size=4096 (log=2)
    Stride=0 blocks, Stripe width=0 blocks
    67108864 inodes, 268434432 blocks
    13421721 blocks (5.00%) reserved for the super user
    First data block=0
    Maximum filesystem blocks=2415919104
    8192 block groups
    32768 blocks per group, 32768 fragments per group
    8192 inodes per group
    Superblock backups stored on blocks:
        32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
        4096000, 7962624, 11239424, 20480000, 23887872, 71663616, 78675968,
        102400000, 214990848
    Allocating group tables: done
    Writing inode tables: done
    Creating journal (32768 blocks): done
    Writing superblocks and filesystem accounting information: done
    [root@ip-10-0-5-152 ~]# echo "/dev/vgeventdb/lveventdb /data ext4 defaults 1 1" >> /etc/fstab
    [root@ip-10-0-5-152 ~]# mkdir /data
    [root@ip-10-0-5-152 ~]# mount /data
    [root@ip-10-0-5-152 ~]# echo "/data 10.0.0.0/16(rw,no_root_squash)" > /etc/exports
    [root@ip-10-0-5-152 ~]# exportfs -ar
    [root@ip-10-0-5-152 ~]# chkconfig --levels 2345 nfs on
    Note: Forwarding request to 'systemctl enable nfs.service'.
    Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-server.service to /usr/lib/systemd/system/nfs-server.service.
    [root@ip-10-0-5-152 ~]# chkconfig --levels 2345 rpcbind on
    Note: Forwarding request to 'systemctl enable rpcbind.service'.
    [root@ip-10-0-5-152 ~]# service rpcbind start
    Redirecting to /bin/systemctl start rpcbind.service
    [root@ip-10-0-5-152 ~]# service nfs start
    Redirecting to /bin/systemctl start nfs.service
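Both procedures export the event store with no_root_squash, which lets root on any permitted client act as root on the exported files: the CentOS steps grant it per node address, while the AWS session grants it to all of 10.0.0.0/16 and the CentOS directory is also mode 777. The script below is an added example, not part of the Fortinet guide, for reviewing which clients hold that access; the function names and severity labels are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: list exports that grant unsquashed root and say whether the
# client is a single host or a whole range (CIDR, wildcard or netgroup).
# Limitation: backslash-continued lines in the exports file are not joined.

# audit_exports FILE -> one finding per line: "<severity> <path> <client> <reason>"
audit_exports() {
  awk '
    /^[ \t]*#/ || NF < 2 { next }                  # skip comments and blank lines
    {
      for (i = 2; i <= NF; i++) {
        client = $i; opts = ""
        p = index($i, "(")
        if (p > 0) {
          client = substr($i, 1, p - 1)
          opts = substr($i, p + 1, length($i) - p - 1)   # text between ( and )
        }
        if (client == "") client = "*"             # "(opts)" alone means every host
        if (("," opts ",") !~ /,no_root_squash,/) continue
        h = client; sub(/\/32$/, "", h)            # a /32 is still one host
        wide = (index(h, "/") || index(h, "*") || index(h, "?") || substr(h, 1, 1) == "@")
        if (wide) print "HIGH", $1, client, "no_root_squash on a range"
        else      print "REVIEW", $1, client, "no_root_squash on single host"
      }
    }
  ' "$1"
}

# world_writable DIR -> succeeds if "other" has write permission (e.g. mode 777)
world_writable() {
  [ -n "$(find "$1" -maxdepth 0 -perm -0002 2>/dev/null)" ]
}

# Typical use on the NFS server:
#   audit_exports /etc/exports
#   world_writable /FortiSIEM && echo "/FortiSIEM is world-writable"
```

A HIGH line means every host in the listed range is trusted as root on the event data, so the VPC security group and subnet membership become the only controls on who can read or alter stored events.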

Copyright 201 Fortinet, Inc. All rights reserved. Fortinet, FortiGate, FortiCare and FortiGuard, and certain other marks are registered trademarks of Fortinet, Inc., in the U.S. and other jurisdictions, and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet's General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet's internal lab tests. In no event does Fortinet make any commitment related to future deliverables, features or development, and circumstances may change such that any forward-looking statements herein are not accurate. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.