How to Securely Monitor a FortiGate Firewall with Paessler PRTG Network Monitor
Originally published on November 08, 2018 by Shaun Behrens
Last updated on May 04, 2022 • 5 minute read
Update May 2022: Meanwhile we decided to create native sensors for monitoring FortiGate devices. Paessler PRTG provides you with two sensors, FortiGate System Statistics and FortiGate VPN Overview. For more information, see...
We love it when our users compile information that might be of use to other PRTG users, or even just IT Administrators in general. And in today's post, we highlight a how-to guide written by a PRTG user.
Florian Thiele is an IT Security Architect. He has worked with FortiGate firewalls and PRTG Network Monitor for 10 years. He's written for us before (check out Using a Fortinet FortiGate as Reverse Proxy for PRTG). Now he has put together a document about how to monitor FortiGate firewalls with PRTG (download below). In it, he not only provides some information specifically related to PRTG, but also provides some general information about FortiGate firewalls that might also be useful on its own.
Please note: The accompanying PDF file (see below) was created by a PRTG user, who has carefully compiled the information and provided it to the best of his knowledge. As the solution is not part of PRTG itself, it is not officially supported by Paessler or PRTG Technical Support. Yet, we wanted to share it with you as it might be of interest for many PRTG users.
You must also be aware that if you configure any of the parts incorrectly, you may leave yourself open to an intruder gaining access to anything configured within PRTG. This includes User ID's, passwords, IP names, etc. In other words: no warranties are expressed or implied. Paessler, its employees or its partners cannot be held liable for any damages that you may incur as a result of following this guide.
The How-To Guide
FortiGate Firewalls offer a lot of different management interfaces. There are many ways to monitor them, but Florian suggests a few methods that he knows work and are secure. The How-To document is packaged as a PDF, and you can download it directly by clicking the banner below.
To give you a look at what is covered in the document, here are some of the topics:
- Harden interfaces
- Configure trusted hosts
- SNMPv3 AuthPriv monitoring
- PRTG SNMPv3 Configuration
- SNMP OIDs and Traps
- Common Fortigate Traps
- And more!
We'd love to hear your experiences or feedback - just leave a comment below! And check out Florian's blog: