Configuring Log Forwarding and Security Profile Groups

Overview

When Designer creates a new rule, it sets the Log Forwarding Profile and Security Profile Group to None by default. To have Designer automatically set a specific value for these profiles, configure it in stconf. You can set these profiles globally or per Device Management ID.

In Panorama, when a profile is set per Device Management ID, it also affects all the devices that are beneath it in the device hierarchy.

Security Profile Groups are relevant for Panorama and Fortinet. Log Forwarding Profiles are relevant only for Panorama.

Prerequisites

Any profile that you configure must be defined on the device.

Configure the Log Forwarding Profile and Security Profile Group

  1. Navigate to: https://<SecureTrack_IP>/securetrack/admin/stcgitest.htm

  2. Navigate to Edit StConf > Fetch StConf.

  3. In the stconf file, navigate to Designer_Default_Profiles.

  4. Add the Log_Forwarding_Profile and Security_Profile_Group:

    <Designer_Default_Profiles>
        <Log_Forwarding_Profile>
            <Profile>log_forwarding_profile1</Profile>
            <Profile management="11">log_forwarding_profile1</Profile>
        </Log_Forwarding_Profile>
        <Security_Profile_Group>
            <Profile>security_group_profile1</Profile>
            <Profile management="11">security_group_profile1</Profile>
        </Security_Profile_Group>
    </Designer_Default_Profiles>

  5. Where:

    • <Profile>log_forwarding_profile1</Profile> defines the global default.

    • <Profile management="11">log_forwarding_profile1</Profile> defines the default profile for Device Management ID 11. For Panorama, this applies to this management ID and all the Device Groups beneath it in the hierarchy. When the specified profile is not found on the device, the global default is used. If no global default is found, none is used.

  6. Click Submit New Conf.
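
The fallback rule from step 5 can leave new rules with a different profile than intended, or with none, so it is worth checking before you submit. The following is an added example, not part of the original page and not the product's own code: it resolves the effective profile per management ID from a Designer_Default_Profiles fragment. The profile names, the PARENT hierarchy and the ON_DEVICE inventory are constructed, and it assumes that the nearest ancestor's entry wins and that a configured global default is always usable.

```python
import xml.etree.ElementTree as ET

# Constructed sample: same shape as the fragment in step 4, different values.
STCONF_FRAGMENT = """
<Designer_Default_Profiles>
  <Log_Forwarding_Profile>
    <Profile>lfp_global</Profile>
    <Profile management="11">lfp_panorama</Profile>
    <Profile management="20">lfp_typo</Profile>
  </Log_Forwarding_Profile>
  <Security_Profile_Group>
    <Profile management="11">spg_strict</Profile>
  </Security_Profile_Group>
</Designer_Default_Profiles>
"""

# Constructed: child management ID -> parent ID (Panorama device hierarchy).
PARENT = {12: 11, 13: 12}
# Constructed: profile names defined on each device, keyed by management ID.
FULL = {"lfp_panorama", "lfp_global", "spg_strict"}
ON_DEVICE = {11: FULL, 12: FULL, 13: {"lfp_global"}, 20: {"lfp_global"}, 30: {"lfp_global"}}


def load_defaults(xml_text, section):
    """Return (global_default, {management_id: profile}) for one section."""
    node = ET.fromstring(xml_text).find(section)
    global_default, per_id = None, {}
    for p in (node.findall("Profile") if node is not None else []):
        name = (p.text or "").strip()
        if "management" in p.attrib:
            per_id[int(p.attrib["management"])] = name
        elif name:
            global_default = name
    return global_default, per_id


def effective_profile(mgmt_id, section, xml_text=STCONF_FRAGMENT):
    """Resolve per-ID entry (own or inherited), then global default, then None."""
    global_default, per_id = load_defaults(xml_text, section)
    cur = mgmt_id
    while cur is not None and cur not in per_id:
        cur = PARENT.get(cur)  # assumption: nearest ancestor's entry applies
    wanted = per_id.get(cur)
    if wanted and wanted in ON_DEVICE.get(mgmt_id, set()):
        return wanted, "per-ID"
    if global_default:  # assumption: a configured global default is usable
        return global_default, ("global fallback" if wanted else "global")
    return None, "none"
```

A result of "global fallback" or "none" for an ID that has a per-ID entry means the named profile is missing on that device, which is the case the prerequisite above is meant to prevent.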