FortiAnalyzer for Microsoft Azure is deployed as a virtual appliance in Microsoft Azure cloud (IaaS). This recipe shows you how to install and configure a FortiAnalyzer-VM virtual appliance in Microsoft Azure.
1. Registering and downloading your license |
|
|
If you’re deploying a FortiAnalyzer-VM in the Microsoft Azure marketplace, you must obtain a license to activate it. FortiAnalyzer-VM for Microsoft Azure supports a bring-your-own-license (BYOL) licensing model. Licenses can be obtained through any Fortinet partner. If you don’t have a partner, contact azure@fortinet.com for assistance in purchasing a license. After you purchase a license or obtain an evaluation license (60-day term), you will receive a PDF with an activation code. |
|
| Go to https://support.fortinet.com/ and either create a new account or log in with an existing account. | |
|
Go to Asset > Register/Renew to start the registration process. In the Specify Registration Code field, enter your license activation code and select Next to continue registering the product. Enter your details in the other fields. |
 |
|
At the end of the registration process, download the license (.lic) file for your FortiAnalyzer-VM. After registering a license, Fortinet servers may take up to 30 minutes to fully recognize the new license. When you upload the license (.lic) file to activate the FortiAnalyzer-VM (in step 3), if you get an error that the license is invalid, wait 30 minutes and try again. |
|
2. Creating a FortiAnalyzer-VM |
|
| Log in to the Microsoft Azure Portal and select + New. |  |
| Search for Fortinet FortiAnalyzer Centralized Log Analytics and select it from the search results. |  |
| Under Select a deployment model, ensure that Resource Manager is selected. Select Create. |  |
|
In the Basics section, set a FortiAnalyzer-VM name in the FortiAnalyzer virtual appliance name field. Set a FortiAnalyzer administrative username. This name can’t be admin or root. Choose a FortiAnalyzer password for the new account and confirm the password. For security reasons, it’s not possible to reset this password through the Microsoft Azure portal, so make sure that you remember the password. Select the appropriate Subscription from the drop-down list. You may have only one option here. Create a new Resource group. Currently, it’s not possible to select an existing resource group for a Microsoft Azure Marketplace template set. Set a Location for the VM. Select OK. |
 |
|
In the Network and Storage Settings section, select Virtual network. You can either create a new virtual network (VNet) or select an existing one. In the Address space field, accept the default values or specify your own. Select OK. |
 |
|
In the Subnet section, the Subnet name and Subnet address prefix are pre-defined and you shouldn’t need to change the default values. Select OK. |
 |
|
In the Virtual machine size section, select the appropriate VM size for your deployment. In the Microsoft Azure Marketplace, the FortiAnalyzer virtual machines come in a variety of sizes, from A0 Standard to D4 Standard. Each virtual machine size within each series has different limits for the amount of memory, number of network interface cards (NIC), maximum number of data disks, size of cache, and maximum input/output operations per second (IOPS) and bandwidth. Select OK. |
 |
|
In the Storage account section, choose an existing storage account or create a new one. All resources should be in the same location. Set a Name for the storage account. Under Performance, choose a storage account type. Select the Replication option you want to use. The options are Locally redundant storage (LRS) or Geo-redundant storage (GRS). LRS is where all data in the Microsoft Azure storage account replicates synchronously to three different storage nodes within the primary region that was chosen when you created the Microsoft Azure storage account. GRS is where every entity is replicated into two data centers. The data in the Microsoft Azure storage account is always replicated in order to ensure durability and high availability. Some settings can’t be changed after the storage account is created. To accept the Network and Storage Settings values, select OK. |
 |
|
In the FortiAnalyzer IP address assignments section, select First public IP address resource name. In the Name field, set a name for the public IP address of the FortiAnalyzer. In the Assignment field, select Dynamic or Static. Select OK. In the Public IP address type field, select Static or Dynamic. Select OK. |
 |
| Wait for validation to pass, then select OK. |  |
|
Select Purchase to buy the FortiAnalyzer-VM instance from Microsoft Azure. Once the FortiAnalyzer-VM is deployed, you will see a “Deployment succeeded” message. |
 |
3. Connecting to the FortiAnalyzer-VM |
|
|
To connect to the FortiAnalyzer-VM, you must find its public IP address. There are a number of ways to do this. One way is to select Virtual machines on the left bar and select the FortiAnalyzer-VM you created. Under Essentials, you will see the public IP address of the FortiAnalyzer-VM in the Public IP address field. Connect to the FortiAnalyzer using your browser and the FortiAnalyzer-VM IP address. Log in to the FortiAnalyzer-VM with the FortiWeb administrative username and FortiAnalyzer password that you configured above. |
 |
|
Upload your license (.lic) file to activate the FortiAnalyzer-VM. Restart the FortiAnalyzer-VM and log in again. After you log in, you will see that the license has been uploaded. You need to wait for authentication with the registration servers. This can take up to 15 minutes. Select Return. |
 |
| You will now see the FortiAnalyzer-VM dashboard. |  |
The post Deploying FortiAnalyzer-VM virtual appliance in Microsoft Azure appeared first on Fortinet Cookbook.