Add devices to AFA
Relevant for: AFA Administrators
This topic provides an introduction on adding devices to AFA so that you can start collecting data automatically.
Add device prerequisites
Before adding a new device to AFA, ensure that your environment is set up to accept communication between AFA and the device.
Manage ports |
Note: Make sure to open the necessary port between each device and the AlgoSec server, depending on the protocol being used to connect to the device. Note: In the case of a distributed architecture, open the port between the device and the specific Remote Agent or Load Unit managing each device. |
Device permissions |
You may need to configure device user permissions to enable AFA to collect data from your device. For details, see Device procedure reference and the device permissions section for each device type. |
Access the DEVICES SETUP page
This procedure describes how to access the DEVICES SETUP page for each device type.
Note: Before you start, ensure that your environment is configured to allow communication between AFA and your device. For details, see Device procedure reference and the device permissions section for each device type.
Do the following:
-
Access the DEVICES SETUP page in the Administration area as follows:
From the main menu on the left Click Devices, Groups, or Matrix, and then click the Configure .. button.
Note: This button is visible to AFA administrators only.
From the Administration area In the toolbar, click your username, and select Administration.
In the Administration area, click the DEVICES SETUP tab.
The DEVICES SETUP tab appears. For example:
-
Click New 6 and select Devices.
A selection of vendors appears:
-
Select a vendor, and then a device type.
-
A device form appears, specific to the device type you selected.
For example:
-
Populate the fields as needed to complete the configuration, clicking Next or Back as needed.
For more details, see Device procedure reference.
-
(Optional) Specify a syslog server. See Specify a Syslog server.
Specify a Syslog server
When relevant, do the following:
Select the syslog server from the list of those already defined in AFA.
Select localhost to use the built-in syslog server. No credentials are required for this server.
Note: The localhost option is recommended when it is not practical to allocate a dedicated syslog server, such as when you have a small number of devices, are using AFA for evaluation purposes, and so on.
Note: Only AlgoSec OVF is supported for use as external syslog.
To add a new syslog server to AFA, do the following:
Note: Many device brands support the ability to send log messages to an external Syslog server. To configure an external Syslog server for AFA messages, see Configure an external Syslog server
-
Click New and enter the following details:
Syslog-ng host The host IP address or FQDN name of the syslog server. User Name / SSH User Name The username for connecting to the syslog server.
Note: If the specified user does not have root permissions, then logs will not be collected for the device until you have manually reloaded the syslog server configuration.
For more details, see Configure an external Syslog server
Password / SSH Password The password for connecting to the syslog server. -
Click Test Connectivity to test connectivity to the defined syslog server.
A message informs you whether AFA connected to the syslog server successfully, and the new syslog server is automatically selected in the Syslog-ng server drop-down list.
Tip: Save the device configuration to make this syslog server available for other devices as well.
To edit an existing syslog server, do the following:
- Select the syslog server that you want to edit, and click Edit.
- Edit the properties as needed, and click OK.
-
Click Test Connectivity to test connectivity to the defined syslog server.
A message informs you whether AFA connected to the syslog server successfully.
Note: For more details about syslog messages and servers, see Sending outgoing syslog messages.
â See also:
- Defining Devices: Training video about collecting data from a few Check Point devices