Full Access Fortinet FCP_FAZ_AD-7.4 Tutorials

In order to configure IOC, you require the following:

• A one-year subscription to IOC. Note that FortiAnalyzer does include an evaluation license, but it is restrictive and only meant to give you an idea of how the feature works.

• A web filter services subscription on FortiGate device(s)

• Web filter policies on FortiGate device(s) that send traffic to FortiAnalyzer

Compromised Hosts or Indicators of Compromise service (IOC) is a licensed feature.

To view Compromised Hosts, you must turn on the UTM web filter of FortiGate devices and subscribe your FortiAnalyzer unit to FortiGuard to keep its local threat database synchronized with the FortiGuard threat database. See Subscribing FortiAnalyzer to FortiGuard.

Ref : /6.4.0/administration-guide/137635/viewing-compromised-hosts

What does the System Configuration backup include?

System information, such as the device IP address and administrative user information.

Device list, such as any devices you configured to allow log access.

Report information, such as any configured report settings, as well as all your custom report details. These are not the actual reports.

FortiAnalyzer_7.0_Study_Guide-Online pag. 29

FortiAnalyzer_7.0_Study_Guide-Online.pdf page 29: What does the System Configuration backup include?

• System information, such as the device IP address and administrative user information

• Device list, such as any devices you configured to allow log access

• Report information, such as any configured report settings, as well as all your custom report details. These are not the actual reports.

FAZ/1100_Storage/0017_Deleted%20device%20logs.htm

rtianalyzer/6.2.5/administration-guide/87802/automatic-deletion