Add devices to AFA
Relevant for: AFA Administrators
This topic provides an introduction on adding devices to AFA so that you can start collecting data automatically.
Add device prerequisites
Before adding a new device to AFA, ensure that your environment is set up to accept communication between AFA and the device.
Manage ports |
Note: Make sure to open the necessary port between each device and the AlgoSec server, depending on the protocol being used to connect to the device. Note: In the case of a distributed architecture, open the port between the device and the specific Remote Agent or Load Unit managing each device. |
Device permissions |
You may need to configure device user permissions to enable AFA to collect data from your device. For details, see Required device permissions. |
Access the DEVICES SETUP page
This procedure describes how to access the DEVICES SETUP page for each device type.
Note: Before you start, ensure that your environment is configured to allow communication between AFA and your device. For details, see Add device prerequisites.
Do the following:
-
Access the DEVICES SETUP page in the Administration area as follows:
From the main menu on the left Click Devices, Groups, or Matrics, and then click the Configure .. button.
Note: This button is visible to AFA administrators only.
From the Administration area In the toolbar, click your username, and select Administration.
In the Administration area, click the DEVICES SETUP tab.
The DEVICES SETUP tab appears. For example:
-
Click New 6 and select Devices.
A selection of vendors appears:
-
Select a vendor, and then a device type.
-
A device form appears, specific to the device type you selected.
For example:
-
Populate the fields as needed to complete the configuration, clicking Next or Back as needed.
For more details, see Device procedure reference.
Many device brands support the ability to send log messages to an external Syslog-ng server.
When relevant, do the following:
Select the syslog-ng server from the list of those already defined in AFA.
Select localhost to use the built-in syslog-ng server. No credentials are required for this server.
Note: The localhost option is recommended when it is not practical to allocate a dedicated syslog-ng server, such as when you have a small number of devices, are using AFA for evaluation purposes, and so on.
To add a new syslog-ng server, such as if you had one existing before installing AFA, do the following:
-
Click New and enter the following details:
Syslog-ng host The syslog-ng server's host name or IP address. User Name / SSH User Name The user name for connecting to the syslog-ng server.
Note: If the specified user does not have root permissions, then logs will not be collected for the device until you have manually reloaded the syslog-ng server configuration.
For more details, see AFA Syslog messages.
Password / SSH Password The password for connecting to the syslog-ng server. -
Click Test Connectivity to test connectivity to the defined syslog-ng server.
A message informs you whether AFA connected to the syslog-ng server successfully, and the new syslog-ng server is automatically selected in the Syslog-ng server drop-down list.
Tip: Save the device configuration to make this syslog-ng server available for other devices as well.
To edit an existing syslog-ng server, do the following:
- Select the syslog-ng server that you want to edit, and click Edit.
- Edit the properties as needed, and click OK.
-
Click Test Connectivity to test connectivity to the defined syslog-ng server.
A message informs you whether AFA connected to the syslog-ng server successfully.
Note: For more details about syslog messages and servers, see Monitoring and syslog messages.
â See also:
- Defining Devices: Training video about collecting data from a few Check Point devices