WEBVTT

1
00:00.000 --> 00:04.050
In this video, we're going to walk through the process of setting up and using

2
00:04.050 --> 00:04.560
administrative

3
00:04.560 --> 00:09.030
domains on the FortiAnalyzer. So our first step in our game plan will be to

4
00:09.030 --> 00:10.400
enable that feature

5
00:10.400 --> 00:14.480
because it's off by default. So we'll enable ADOM support. And then by default,

6
00:14.480 --> 00:15.120
when we enable

7
00:15.120 --> 00:18.750
it, we'll have our root item is literally called root. And then all of our

8
00:18.750 --> 00:20.080
existing firewalls,

9
00:20.080 --> 00:24.000
when we enable ADOM support, are going to fall into that root ADOM. And then

10
00:24.000 --> 00:24.400
secondly,

11
00:24.400 --> 00:27.600
let's go ahead and create a second administrative domain. And let's go ahead

12
00:27.600 --> 00:29.760
and call it BR1 for

13
00:29.760 --> 00:34.720
branch one. And then what we can do is move the branch firewall over into and

14
00:34.720 --> 00:35.520
now have it report

15
00:35.520 --> 00:40.030
to and send log messages to that specific administrative domain. So going

16
00:40.030 --> 00:40.640
forward,

17
00:40.640 --> 00:44.900
new log messages from this branch firewall one will be sent to this new ADOM.

18
00:44.900 --> 00:45.520
So with that game

19
00:45.520 --> 00:49.410
plan in place, let's first go into the FortiAnalyzer, take a look at what

20
00:49.410 --> 00:51.280
currently is, and we'll go

21
00:51.280 --> 00:55.760
to work in setting up and enabling ADOMs. So as a quick check here with our topology,

22
00:55.760 --> 00:56.960
I've got here

23
00:56.960 --> 01:02.320
firewall one at headquarters site, firewall two, firewall three, and also the

24
01:02.320 --> 01:03.760
branch firewall.

25
01:03.760 --> 01:07.110
And I've done different color schemes for each one that way, if we need to go

26
01:07.110 --> 01:07.440
back to these

27
01:07.440 --> 01:11.310
interfaces, besides the name at the top left showing which device we're on, it's

28
01:11.310 --> 01:11.760
also going to be

29
01:11.760 --> 01:15.830
visually different based on the colors that we're using. So here's our FortiAnalyzer.

30
01:15.830 --> 01:16.240
And if we

31
01:16.240 --> 01:20.040
go to the status page, right here on the system information widget, it's

32
01:20.040 --> 01:21.760
showing details, including

33
01:21.760 --> 01:25.850
the version. Oh, yeah, I need to remind you, I'm not reminding you to tell you,

34
01:25.850 --> 01:27.440
I took the liberty

35
01:27.440 --> 01:33.630
of upgrading from whatever the thing was seven dot four something to seven dot

36
01:33.630 --> 01:34.480
six three, the

37
01:34.480 --> 01:38.380
latest and greatest feature version as of this recording. And here's what I

38
01:38.380 --> 01:39.440
discovered along the

39
01:39.440 --> 01:44.950
way is that every time there's an update with FortiAnalyzer, sometimes options are

40
01:44.950 --> 01:46.000
moved. And so I

41
01:46.000 --> 01:49.220
would encourage you as you're working with whatever flavor and feature of FortiAnalyzer

42
01:49.220 --> 01:50.320
is that sometimes

43
01:50.320 --> 01:54.010
if something isn't like where it used to be in a previous version, it's very

44
01:54.010 --> 01:55.360
likely still there.

45
01:55.360 --> 02:00.410
And I'm going to be using version 7.6.3 going forward with this course to make it

46
02:00.410 --> 02:01.600
as current as possible.

47
02:01.600 --> 02:05.520
So here under the status dashboard, I've got the system information widget and

48
02:05.520 --> 02:06.160
right here.

49
02:06.160 --> 02:09.840
In fact, let me go ahead and expand that full screen. So if we expand that, it's

50
02:09.840 --> 02:10.400
showing us right

51
02:10.400 --> 02:14.640
here that the administrative domain feature is currently off right there. And

52
02:14.640 --> 02:15.120
if we go into

53
02:15.120 --> 02:17.980
system settings, ADOMs, it's going to show us right here root,

54
02:17.980 --> 02:18.720
even though we haven't

55
02:18.720 --> 02:22.510
enabled ADOM support yet. So think of what we're seeing here like the default

56
02:22.510 --> 02:23.680
behavior. So to

57
02:23.680 --> 02:27.840
enable ADOMs, we have a couple options. One is we could click right here under

58
02:27.840 --> 02:28.640
system settings,

59
02:28.640 --> 02:32.890
ADOMs and click on enable ADOM. It's going to ask us if we want to do that, or

60
02:32.890 --> 02:33.520
we could go back to

61
02:33.520 --> 02:37.280
the dashboard, the status dashboard, and here on system information, which I'll

62
02:37.280 --> 02:38.560
expand once again,

63
02:38.560 --> 02:42.700
and we could go ahead and click right here to enable administrative domains.

64
02:42.700 --> 02:43.200
Either way you

65
02:43.200 --> 02:47.080
want to do it is perfectly fine under system settings or do it right here. So

66
02:47.080 --> 02:47.360
let's go ahead

67
02:47.360 --> 02:51.320
and enable the feature. So we'll click OK. It's going to force us to re log in.

68
02:51.320 --> 02:52.560
So we'll re log in as admin.

69
02:52.560 --> 02:58.240
I'll supply the lab password here for this for the analyzer and we'll click on

70
02:58.240 --> 02:59.120
login. All right,

71
02:59.120 --> 03:02.830
so now we're logged in. So now with ADOM support enabled, I'm not just

72
03:02.830 --> 03:03.520
automatically

73
03:03.520 --> 03:07.050
taken to my FortiAnalyzer. Now I have to select which ADOM. So by default, we're

74
03:07.050 --> 03:07.520
going to go to the

75
03:07.520 --> 03:11.240
root ADOM and our four devices are still there. So there's also an option

76
03:11.240 --> 03:12.480
right here to create a

77
03:12.480 --> 03:15.520
new ADOM if you want to. But before we do that, let me just click right here on

78
03:15.520 --> 03:16.480
root to go into the

79
03:16.480 --> 03:20.220
root ADOM. Also up here in the upper right, showing you which ADOM you're in. So

80
03:20.220 --> 03:20.800
if you need to switch

81
03:20.800 --> 03:24.350
ADOMs, you click there and choose the other ADOM that you have access to. Now

82
03:24.350 --> 03:24.880
we don't have

83
03:24.880 --> 03:29.090
any other ADOMs yet. So we'll fix that here in a moment. And so if we go now to

84
03:29.090 --> 03:30.000
device manager,

85
03:30.000 --> 03:33.190
here in our device manager, it's showing us all of our FortiGate firewalls. There's the

86
03:33.190 --> 03:34.480
branch firewall one

87
03:34.480 --> 03:38.210
and then the headquarters firewall one, two and three, which are part of the

88
03:38.210 --> 03:38.720
same

89
03:38.720 --> 03:41.690
Fortinet security fabric. And that's why they're all grouped together under

90
03:41.690 --> 03:42.880
this security fabric.

91
03:42.880 --> 03:46.290
Also, if we went down to system settings and clicked on ADOMs, it also

92
03:46.290 --> 03:47.360
indicates here now,

93
03:47.360 --> 03:51.120
that on our root ADOM, we have those four devices and there's different types

94
03:51.120 --> 03:52.160
of ADOMs for different

95
03:52.160 --> 03:55.520
devices that report in. So there's a long list here that we can see and we're

96
03:55.520 --> 03:56.320
going to be putting

97
03:56.320 --> 04:00.710
all of our ADOMs into an ADOM type of fabric because that's what FortiGates would

98
04:00.710 --> 04:01.600
report into.

99
04:01.600 --> 04:05.280
So to create a new administrative domain, what we can do is click here and we

100
04:05.280 --> 04:05.760
can click on

101
04:05.760 --> 04:10.040
create new ADOM. That's one option or we can simply right here click on create

102
04:10.040 --> 04:11.440
new to create a new ADOM

103
04:11.440 --> 04:14.800
or when we log in and are selecting the ADOM, there's the option to create new

104
04:14.800 --> 04:15.520
there as well.

105
04:15.520 --> 04:19.150
So let's create a new administrative domain. And based on our plan, we're going

106
04:19.150 --> 04:20.080
to go ahead and call

107
04:20.080 --> 04:25.820
this BR1-ADOM. And the type we want to make is fabric because that's the

108
04:25.820 --> 04:27.360
type that a FortiGate

109
04:27.360 --> 04:31.200
is going to send messages to. So select the type of fabric which is the default

110
04:31.200 --> 04:32.080
and then we get to

111
04:32.080 --> 04:34.700
go ahead and select our device. So right now, if we wanted to bring over the

112
04:34.700 --> 04:36.000
branch firewall, we could

113
04:36.000 --> 04:40.050
or do it in a subsequent step. Also, there's details regarding the data policy

114
04:40.050 --> 04:40.800
for how long we're going

115
04:40.800 --> 04:43.920
to keep the data before it gets archived and disk utilization. So I'm going to

116
04:43.920 --> 04:44.400
take all those

117
04:44.400 --> 04:49.340
defaults and click on OK. So it's creating this new administrative domain

118
04:49.340 --> 04:50.880
called BR1-ADOM.

119
04:50.880 --> 04:54.410
And here it is right here. So currently I'm logged on as admin with full

120
04:54.410 --> 04:55.760
access. So if we

121
04:55.760 --> 05:00.420
wanted to change administrative domains, I can click on the ADOM up here, click

122
05:00.420 --> 05:01.840
on BR1-ADOM,

123
05:01.840 --> 05:06.170
and then click right here on our brand new administrative domain called

124
05:06.170 --> 05:06.800
BR1-ADOM.

125
05:06.800 --> 05:09.980
And it would take us to that now. Unfortunately, there's not going to be

126
05:09.980 --> 05:11.040
logging here because

127
05:11.040 --> 05:15.190
nobody's reporting to this. So if we go to device manager and look at logging

128
05:15.190 --> 05:15.840
devices,

129
05:15.840 --> 05:19.150
there's nothing here because this is the brand new ADOM and we haven't

130
05:19.150 --> 05:20.320
configured any of our

131
05:20.320 --> 05:23.600
firewalls to report to this logical ADOM. So there's a couple of different ways

132
05:23.600 --> 05:24.000
we can bring

133
05:24.000 --> 05:28.400
in a device. One is to go to system settings and ADOMs and then select this ADOM.

134
05:28.400 --> 05:29.200
And with that selected,

135
05:29.200 --> 05:32.050
we can click on edit. And then from here, we can select the device we want to

136
05:32.050 --> 05:32.880
bring in. So we'll

137
05:32.880 --> 05:36.580
select the device and we want to bring in our branch firewall one, which is

138
05:36.580 --> 05:37.760
this guy right there.

139
05:37.760 --> 05:41.960
We'll go ahead and click on OK, then click on OK again to confirm. And now it's

140
05:41.960 --> 05:42.640
bringing in

141
05:42.640 --> 05:46.510
that new device. Now the logging information is not yet coming in. So the

142
05:46.510 --> 05:47.520
logging information

143
05:47.520 --> 05:50.710
from our branch firewall, let's look at the topology for a moment together. So

144
05:50.710 --> 05:51.120
the branch

145
05:51.120 --> 05:55.180
firewall is right here. Any existing logs that it had sent previously are part of

146
05:55.180 --> 05:56.320
that root ADOM still,

147
05:56.320 --> 06:00.740
but any new logs that are being sent are going to become part of that new

148
06:00.740 --> 06:01.840
branch one ADOM we just

149
06:01.840 --> 06:05.980
created. So to confirm that, let's go back to device manager. So here we have

150
06:05.980 --> 06:07.520
our BR1-ADOM. We

151
06:07.520 --> 06:11.470
have one device that's the branch firewall. Fantastic. So if we went to log

152
06:11.470 --> 06:12.880
view and went to logs,

153
06:12.880 --> 06:16.400
and the interface looks a little bit different based on the flavor we're using

154
06:16.400 --> 06:17.440
here. So if I

155
06:17.440 --> 06:21.760
click here on toggle horizontal menu, it's going to go ahead and put those Fortinet

156
06:21.760 --> 06:22.560
logs and log

157
06:22.560 --> 06:26.700
browse on the top. So here's the tab for FortiAnalyzer, its logs. And here's the

158
06:26.700 --> 06:28.560
FortiGate firewall logs. And

159
06:28.560 --> 06:33.160
this is the new logs that are now coming in as of just a few minutes ago when

160
06:33.160 --> 06:34.560
we added branch firewall

161
06:34.560 --> 06:38.290
one to report to this brand new ADOM. So currently it's showing here for the

162
06:38.290 --> 06:39.280
last four hours, let's

163
06:39.280 --> 06:42.930
go ahead and say last five minutes. And let me bring up that computer with AD

164
06:42.930 --> 06:43.520
user seven,

165
06:43.520 --> 06:46.480
let's generate some new traffic just to verify it's showing up in the correct

166
06:46.480 --> 06:47.680
ADOM here. So here

167
06:47.680 --> 06:53.070
is PC seven. And let me go ahead and close the browser. I'm going to reopen it

168
06:53.070 --> 06:54.480
here. Oh, also,

169
06:54.480 --> 06:57.400
it looks like I'm doing some pings in the background. Let me go ahead and close

170
06:57.400 --> 06:57.680
that,

171
06:57.680 --> 07:01.520
close the terminal. And let's go out to YouTube. So we'll go ahead and let's

172
07:01.520 --> 07:02.720
watch a video. So that

173
07:02.720 --> 07:07.430
video is playing and all this log information regarding this traffic going

174
07:07.430 --> 07:08.320
through the branch

175
07:08.320 --> 07:13.070
firewall should now show up in this ADOM called BR1-ADOM because

176
07:13.070 --> 07:14.000
that's the ADOM

177
07:14.000 --> 07:17.360
this branch firewall is reporting to. So you go ahead and close the browser,

178
07:17.360 --> 07:18.320
let me minimize that.

179
07:18.320 --> 07:22.300
And here with logs, it sure is currently set for the last five minutes. Let me

180
07:22.300 --> 07:23.680
do a refresh. Another

181
07:23.680 --> 07:27.910
option here, we could also go to more and say real time logs, and that will

182
07:27.910 --> 07:29.120
just feed in new log

183
07:29.120 --> 07:32.890
information as it comes up. And so it's going to push down those log messages

184
07:32.890 --> 07:33.840
as new ones come in,

185
07:33.840 --> 07:37.140
or we could pause it right here. Again, that's with the real time logs, or we

186
07:37.140 --> 07:38.160
could go to more

187
07:38.160 --> 07:41.610
and go to historical log and just take a look at the historical logs for the

188
07:41.610 --> 07:42.720
last five minutes.

189
07:42.720 --> 07:46.040
And if we want to refresh, we could do that as well. And so they're showing us

190
07:46.040 --> 07:47.280
our YouTube traffic

191
07:47.280 --> 07:51.480
that we just generated. So if we switched ADOMs, now went back to the root ADOM,

192
07:51.480 --> 07:52.480
and we looked at

193
07:52.480 --> 07:57.050
the same information in the log view, logs, Fortinet logs, and with FortiGate

194
07:57.050 --> 07:58.000
selected. And we said,

195
07:58.000 --> 08:01.330
let's look at the last five minutes here and click on refresh. We see some

196
08:01.330 --> 08:02.480
YouTube traffic,

197
08:02.480 --> 08:06.000
but it's coming from a different client. So we double click on this and take a

198
08:06.000 --> 08:06.480
look at the

199
08:06.480 --> 08:10.900
details here. This is coming from the source address of 1030 103, and that's

200
08:10.900 --> 08:12.160
coming from PC3,

201
08:12.160 --> 08:17.680
and being reported by HQ firewall three. So the other PC3 is also doing some

202
08:17.680 --> 08:18.640
YouTube traffic,

203
08:18.640 --> 08:22.870
but the YouTube traffic coming from PC7 is not showing up here in this ADOM

204
08:22.870 --> 08:23.440
anymore,

205
08:23.440 --> 08:26.850
the root ADOM, because it's been assigned to the other ADOM. So the next step

206
08:26.850 --> 08:27.840
now is if we have a

207
08:27.840 --> 08:31.860
separate administrator who's in charge of the branch firewall, we'd also want

208
08:31.860 --> 08:33.120
to set up permissions

209
08:33.120 --> 08:38.780
for that new administrator to just see the contents of that new ADOM called

210
08:38.780 --> 08:39.520
BR1-ADOM.

211
08:39.520 --> 08:42.380
So back here at the FortiAnalyzer, under system settings, we go to

212
08:42.380 --> 08:43.280
administrators,

213
08:43.280 --> 08:46.720
let's create a new branch administrator. We'll click here and create new

214
08:46.720 --> 08:48.080
administrator,

215
08:48.080 --> 08:52.140
and let's go ahead and call this branch admin. We'll give them a password here.

216
08:52.140 --> 08:52.640
We'll confirm

217
08:52.640 --> 08:55.380
the password. And then here is where we're going to specify what that new

218
08:55.380 --> 08:56.560
administrator has access

219
08:56.560 --> 09:00.050
to. So instead of saying all ADOMs, we'll go ahead and click on specify, and

220
09:00.050 --> 09:00.480
then we'll choose

221
09:00.480 --> 09:03.010
the ADOM that we want to get information to. So let's go ahead and give them

222
09:03.010 --> 09:04.000
permission for

223
09:04.000 --> 09:08.800
BR1-ADOM. We'll click on OK. And then for the admin profile, let's go ahead and

224
09:08.800 --> 09:09.200
specify

225
09:09.200 --> 09:13.760
restricted user. Effectively, they're restricted to that specific ADOM. If we

226
09:13.760 --> 09:14.880
chose super user,

227
09:14.880 --> 09:17.770
it's going to give them access to all ADOMs. So we'll go back to restricted

228
09:17.770 --> 09:18.480
user. So we're

229
09:18.480 --> 09:22.560
going to go back to specify single ADOM. And then once again, choose the ADOM,

230
09:22.560 --> 09:22.960
we want to give

231
09:22.960 --> 09:26.080
them access to. Now we'll click on OK there. And then for the theme, let's go

232
09:26.080 --> 09:26.720
ahead and use

233
09:26.720 --> 09:29.330
their own theme. Let's change the theme. So it's very different. When we look

234
09:29.330 --> 09:30.080
at it, let's go ahead

235
09:30.080 --> 09:34.350
and use how about that one. Fantastic. And we'll click on OK. So now if we log

236
09:34.350 --> 09:35.440
in as branch admin,

237
09:35.440 --> 09:40.100
branch admin will only have access to that specific ADOM. So we'll go to admin,

238
09:40.100 --> 09:41.120
we'll log out,

239
09:41.120 --> 09:45.010
we'll log in as branch admin, I'll specify the password, and we'll click on

240
09:45.010 --> 09:46.080
login. So the

241
09:46.080 --> 09:50.210
background has changed. Fantastic. And as far as ADOMs are concerned, that

242
09:50.210 --> 09:50.880
administrator is

243
09:50.880 --> 09:54.890
logged into this specific ADOM. So if we go to log view here and logs and

244
09:54.890 --> 09:56.400
select FortiGate, the

245
09:56.400 --> 10:00.180
only firewall that's sending messages to this ADOM and log messages is branch

246
10:00.180 --> 10:01.120
firewall one. So

247
10:01.120 --> 10:04.630
everything here in log view is going to be associated with that specific

248
10:04.630 --> 10:06.080
firewall. And that's all this

249
10:06.080 --> 10:10.590
administrator branch admin can get to. So now go ahead and log out. Let me log

250
10:10.590 --> 10:11.760
back as admin. I'll

251
10:11.760 --> 10:14.980
supply the password, we'll click on login. And for the benefit of not having to

252
10:14.980 --> 10:15.920
go back and forth,

253
10:15.920 --> 10:20.980
I'm going to go back to the root ADOM as the King Kong user here admin. Then I'm

254
10:20.980 --> 10:21.600
going to go to

255
10:21.600 --> 10:26.110
system settings and ADOMs, select the root, click on edit. And let's bring in

256
10:26.110 --> 10:27.360
the branch firewall,

257
10:27.360 --> 10:31.510
that way going forward, all of our logs will be in the root ADOM. So click on

258
10:31.510 --> 10:32.480
select device,

259
10:32.480 --> 10:37.030
there's our branch firewall, click on OK, click on OK, and it's bringing it in.

260
10:37.030 --> 10:37.680
So now there's four

261
10:37.680 --> 10:42.190
devices, if we go to device manager, it's showing all four devices as belonging

262
10:42.190 --> 10:43.360
to this root ADOM.

263
10:43.360 --> 10:48.140
So going forward in the course, we'll see now the content, the logs from all

264
10:48.140 --> 10:49.200
four of our FortiGate

265
10:49.200 --> 10:53.380
firewalls being sent to the root ADOM. And just for grins, now if we go to log

266
10:53.380 --> 10:54.720
view and logs and

267
10:54.720 --> 10:59.600
with FortiGate selected here, and then from drop down is reporting on all devices,

268
10:59.600 --> 11:00.240
let's go ahead

269
11:00.240 --> 11:04.080
and just for a moment remove that and say I only want to see logs coming in

270
11:04.080 --> 11:04.960
from this specific

271
11:04.960 --> 11:08.740
FortiGate, our branch firewall, click on OK. I'll also just play here with clicking on

272
11:08.740 --> 11:09.280
more that I want to

273
11:09.280 --> 11:13.340
see the real time logs. And then we'll just wait for a second and verify that

274
11:13.340 --> 11:14.560
new traffic is showing

275
11:14.560 --> 11:17.860
up because we currently have the traffic log selected. And there we go, there's

276
11:17.860 --> 11:18.880
some new updates

277
11:18.880 --> 11:22.260
right there. And that looks like the FortiGate itself, let me also generate some more

278
11:22.260 --> 11:23.760
traffic from PC7.

279
11:23.760 --> 11:28.550
So here's PC7, let's open up a browser, let's go to some social media sites,

280
11:28.550 --> 11:29.440
let's go ahead and do

281
11:29.440 --> 11:34.410
fast.com, which is simulating Netflix traffic, fantastic. And let's also go

282
11:34.410 --> 11:36.720
ahead and go to YouTube

283
11:36.720 --> 11:41.080
and let's also go ahead and go to Salesforce. So all that traffic based on the

284
11:41.080 --> 11:42.000
traffic logs

285
11:42.000 --> 11:46.380
should now be showing up at the FortiAnalyzer in the root ADOM because branch

286
11:46.380 --> 11:47.280
firewall one is now

287
11:47.280 --> 11:50.810
part of that root ADOM. Let me close the browser, minimize the clients and with

288
11:50.810 --> 11:52.240
the real time logs,

289
11:52.240 --> 11:56.700
here they come pouring in right there. So the quick review to enable ADOMs, we'd

290
11:56.700 --> 11:57.360
go ahead under

291
11:57.360 --> 12:02.820
status and make sure that ADOMs is enabled, which we can do right here under

292
12:02.820 --> 12:03.360
the system

293
12:03.360 --> 12:07.990
information widget or under system settings ADOMs, we can go ahead and enable

294
12:07.990 --> 12:08.800
it here if it

295
12:08.800 --> 12:12.050
isn't already enabled. And then to create new ADOMs right here in our system

296
12:12.050 --> 12:12.720
settings ADOMs,

297
12:12.720 --> 12:16.680
we could create new or when you log in as a super user, there's the opportunity

298
12:16.680 --> 12:17.680
to select the ADOM

299
12:17.680 --> 12:21.200
you want to jump into, or you can also create new ADOMs right from there. And

300
12:21.200 --> 12:21.760
then as we manage

301
12:21.760 --> 12:25.560
and work with ADOMs and edit them, that's the point where we can go ahead and

302
12:25.560 --> 12:26.320
add additional

303
12:26.320 --> 12:30.240
FortiGate firewalls or other devices to report into a specific ADOM.
