Blog :: Network Operations

Would you like to have some traffic visibility on your Fortinet firewall?

When you work in the field that I do, sometimes you celebrate events that leave other people scratching their heads wondering what the hype is all about.

A customer of mine and I were recently having a discussion on various devices that supported NetFlow. His Fortinet firewall became part of the discussion, and at the time, I didn’t think it supported any kind of flow export. However, after finishing the conversation and hanging up the phone, he sent me an e-mail with a nice link documenting sFlow configs for the Fortinet firewall. (Special shout out to Steve for the link)

With the release of FortiOS 4.0MR2, you now have the option of enabling sFlow to monitor your traffic stream. If you’d like to know more about sFlow, please refer to the indepth blog entitled:

“What is sFlow? How do I understand it?”.

To setup sFlow:

Open the Fortinet CLI and enter the following global configs:

config system sflow

set collector-ip (Scrutinizer server IP)

set collector-port 9996


Now that we have sFlow enabled, we need to configure the interfaces:

config sys interface

edit internal

set sflow-sampler enable

set sample-rate 512 (to know more about sample rates and which is more appropriate to use, view this blog that discusses suggested sample rates)

set sample-direction both

set polling-interval 60



And there you have it folks! If there any questions or if you’d like to know more about what sFlow can do for you, let us know.