Manufacturer: STORMSHIELD
Model(s): SN160(W), SN210(W), SN310, SN510, SN710, SN-M-Series-720, SN910, SN-M-Series-920, SN1100, SN2000, SN2100, SN3000, SN3100, SN6000, SN6100, SNi20, SNi40, SNxr1200, EVA1, EVA2, EVA3, EVA4 and EVAU.
Version(s): v4.6.2
Configuration steps
IPFIX is configured in the log section of the configuration. The log configuration screen consists of 3 tabs:
Local storage
Syslog
IPFIX
- Once in the log configuration screen, select the IPFIX tab.
This button makes it possible to enable or disable the sending of logs to an IPFIX collector.
This button makes it possible to enable or disable the sending of logs to an IPFIX collector.Note: There are four templates are defined by default:
- IPv4 connections without address translation (NAT),
- IPv4 connections with NAT,
- IPv6 connections,
- alarms
These templates define whether information contained in alarm (l_alarm), connection (l_connection), intrusion prevention plugin (l_plugin), or packet filtering (l_filter) log files will be sent.
- IPFIX collector – Select or create a host object corresponding to the IPFIX collector. Groups cannot be selected. This would be the IP address of your Scrutinizer Collector or Plixer Replicator IP address.
- Protocol – Select UDP.
- Under the Advanced Properties; Port – Choose an object corresponding to the communication port between the firewall and the IPFIX The default value suggested is IPFIX(port 4739).