Modes of Operation for FortiAnalyzer

Which device in the Security Fabric generates a new traffic log if it performs NAT?

Which device in the Security Fabric generates UTM logs if configured?

Which device in the Security Fabric correlates traffic logs to corresponding UTM logs?

Which device in the Security Fabric logs traffic of a session if it handled it first?

Which device in the Security Fabric knows the MAC addresses of its upstream and downstream peers?

Which device in the Security Fabric generates a traffic log for a session that it performs IPS inspection on?

Which device in the Security Fabric receives traffic logs from all FortiGate devices?

Which device in the Security Fabric continues to log traffic to FortiAnalyzer if the root FortiGate is down?

Which device in the Security Fabric applies SNAT on outbound communications for RFC-1918 hosts?

Which device in the Security Fabric provides device detection, breach isolation, and basic DoS protection?

Which mode of operation is the default for a FortiAnalyzer device?

What is the purpose of a collector mode on a FortiAnalyzer device?

In which mode can a FortiAnalyzer device forward logs to a syslog or CEF server in real-time?

What is the main difference between analyzer mode and collector mode on a FortiAnalyzer device?

Where can you change the operating mode of a FortiAnalyzer device?

What is the default mode of operation for a FortiAnalyzer device?

What is the main purpose of a FortiAnalyzer device operating in collector mode?

In which mode does a FortiAnalyzer device act as a central log aggregator for one or more log collectors?

What feature is not available in collector mode on a FortiAnalyzer device?

What does a FortiAnalyzer device support in relation to the Security Fabric?