You can use the SMC to monitor system components and third-party devices. You can also view and filter logs, and create Reports from them.
You can view log, alert, and audit entries through the log browsing views. You can view data from SMC servers, all types of engines, and from third-party components that are configured to send data to the SMC.
You can browse, filter, and search for log data in the Logs view.
Link to the latest FlexEdge Secure SD-WAN online documentation.
This online help was created for Forcepoint FlexEdge Secure SD-WAN, version 7.2.
Before setting up Forcepoint FlexEdge Secure SD-WAN, it is useful to know what the different components do and what engine roles are available.
Before you can set up the system and start configuring elements, you must consider how the different SMC components should be positioned and deployed.
After deploying the SMC components, you are ready to start using the Management Client and carrying out some of the first configuration tasks.
You can monitor Secure SD-WAN components and view system summaries in the Management Client.
The Application Health Monitoring dashboard lets administrators monitor network and application layers connection quality.
The SMC can be configured to log and monitor other manufacturers’ devices in much the same way as SMC components are monitored.
The Logs view displays all log, alert, and audit entries for the SMC.
The Fields pane provides several alternative views to the log entry that is selected.
Efficient use of the logs requires that you filter the records displayed in the Logs view.
You can filter logs based on the components that created the entries.
You can specify which servers and storage folders to include.
You can use Log Data Contexts to select which type of log data is displayed in the Logs view and in the Reports view.
You can add statistical items to a section of the Statistics view.
The Log Analysis view provides various tools to analyze logs, alerts, and audit entries.
By default, log entries are sorted according to their creation time. You can alternatively sort log entries according to any other column heading.
You can save snapshots of log, alert, and audit entries in the Log Analysis view.
The snapshots of log, alert, and audit entries are listed in the Monitoring view.
You can skip around logs from different time periods using the timeline.
The Logs view has two operating modes. One mode shows a fixed time frame, the other is a stream of current log entries, which also includes temporary entries.
To get more information about the source of traffic that triggered a log entry, you can look up the Whois record of IP addresses in log entries.
If you have saved copies of the most recent log and alert entries locally on the Secure SD-WAN Engine, you can browse the log and alert entries on the command line of the Secure SD-WAN Engine.
There are various ways in which you can customize how entries in the Log view are displayed.
You can export log entries in various ways and formats.
You can save lists of elements, logged data, reports, statistics, and diagrams in PDF format or as HTML. You can customize the format of the PDF files.
You can use log entry details to generate new rules.
Elasticsearch is an open-source search engine that runs on an external Elasticsearch server cluster. You can forward log data from Log Servers and Management Servers to an Elasticsearch cluster to improve the performance of browsing and searching for log entries, report generation, and other log-related features.
Reports are summaries of logs and statistics that allow you to combine large amounts of data into an easily viewable form.
Filters allow you to select data based on values that it contains. Most frequently, you use filters when viewing logs, but filters can also be used for other tasks, such as exporting logs and selecting data for reports.
Diagrams allow you to visualize your network security environment.
You can command and set options for engines through the Management Client or on the engine command line. You can also stop traffic manually.
SD-WAN Manager configuration allows you to customize how the SMC components work.
You can create and modify Engines, IPS engines, Layer 2 Engines, Master Engines and Virtual Secure SD-WAN Engines. You can configure the Secure SD-WAN Engine properties, activate optional features, and configure advanced Secure SD-WAN Engine settings.
Use the Management Client to configure static or dynamic routing, and use a Multi-Link configuration to manage and distribute inbound and outbound connections.
Policies are key elements that contain rules for allowing or blocking network traffic and inspecting the content of traffic.
User accounts are stored in internal databases or external directory servers. You can use Secure SD-WAN in the Engine/VPN role or external authentication servers to authenticate users.
Secure SD-WAN supports both policy-based and route-based VPN tunnels between VPN gateways. For full remote access, Secure SD-WAN supports both IPsec and SSL VPN tunnels for VPN clients.
Maintenance includes procedures that you do not typically need to do frequently.
Troubleshooting helps you resolve common problems in the Secure SD-WAN and SMC.