In a Fortinet Security Fabric, what can make an upstream FortiGate create traffic logs associated with sessions initiated on downstream FortiGate devices?
A.
The traffic destination is another FortiGate in the fabric.
B.
The upstream FortiGate is configured to do NAT.
C.
Log redundancy is configured in the fabric.
D.
The downstream device cannot connect to FortiAnalyzer.
A. Incorrect, the only thing that changes the log it was received by
is UTM and NAT logs
B. Correct, UTM and NAT
C. incorrect
D. incorrect, all logs in the fabric appear as coming from the root FG
A session's traffic logging is always done by the first FG that handled
it in the Fabric. FG devices in the fabric know the MAC of their upstream
and downstream peers. It does not generate a log for packets coming from
other FG's to eliminate the repeated logging of a session. The exception
is if the upstream FG performs NAT, this is needed to record details such
as translated ports and addresses. UTM logs are another exception.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Slikings
1 month, 4 weeks ago066c9f3
2 months agoBeatledrew
3 months ago