11/10/2023 0 Comments Fortigate packet capture wireshark![]() The packet capture continues until either the configured number of packets is reached, or the administrator stops the packet capture. Select a packet filter from the list of packet capture filters. Enable Filters to configure filtering based upon Host (addresses), Port, VLAN, or Protocol.ġ. Specify the maximum number of packets to capture.Ħ. Select an interface from the drop down menu.ĥ. If FortiGate does not allow an authorized administrator to capture packets based on interface, host, VLAN, or protocol, this is a finding.Ĥ. Verify different Packet Capture Filters are configured and that capture packets based on interface, host, VLAN, or protocol. Log in to the FortiGate GUI with Super-Admin privilege.ģ. This configuration ensures the ability to select specific sessions to capture in order to support general auditing/incident investigation or to validate suspected misuse.įortinet FortiGate Firewall Security Technical Implementation Guideĭetails Check Text ( C-37344r611475_chk ) Without the ability to capture, record, and log content related to a user session, investigations into suspicious user activity would be hampered.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |