Fortinet SD-WAN Compliance: Logging, Reporting, Audits and Retention Requirements
If you operate a Fortinet SD-WAN environment, SD-WAN compliance is more than a marketing buzzword; it's something you really need to get right. Without proper compliance and reporting, your network is at risk and your business is open to threats. In today's post, I'm going to show you how we at PJ Networks maintain compliance in your SD-WAN environment, covering logging, reporting, audits and retention requirements.
Logging Requirements
Logs underpin any compliance story. If you don't capture the right information, you can't prove what happened or fix what went wrong. Here's what you need to remember:
- Capture All the Relevant Events: Ensure that you log security events, user activities, system alerts, configuration changes and network traffic anomalies.
- Central Log Collection: Fortinet SD-WAN can be very noisy. Centralized logging makes it easier to get at your logs and gives you control over what you see and how you see it.
- Timestamp Accuracy: Logs must have accurate timestamps to give enough timing context for reconstructing events. Make sure that you have a trusted NTP server:
  ntp-server {
      server {
          server-addr-ipv4 1.2.3.4
          server-ref-time 0.pool.ntp.org
      }
  }
  configuration { system { ntp { server { [...] } } } }
- Log Integrity: Protect log integrity with hashes or write-once storage so that logs are hard to tamper with.
- Real-Time Log Monitoring: Monitor logs in real time so you learn about suspicious activity as it happens.
Think of logging as the memory of your SD-WAN. The better you document, the faster and more easily compliance follows.
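To make the log-integrity point above concrete, here is an added example (not PJ Networks' or Fortinet's code): a SHA-256 hash chain over exported log lines, where each digest covers the one before it and the final digest is kept in write-once storage. The sample lines are constructed, and the function names and the genesis value are assumptions.

```python
import hashlib

GENESIS = "0" * 64  # starting value of the chain (assumption of this example)

# Constructed sample lines in FortiGate-style key=value form; not real logs.
SAMPLE_LOGS = [
    'date=2024-05-01 time=10:00:01 type="event" subtype="system" msg="Admin login successful"',
    'date=2024-05-01 time=10:02:17 type="event" subtype="system" msg="Configuration changed"',
    'date=2024-05-01 time=10:05:42 type="traffic" subtype="forward" action="deny"',
]

def chain_digest(prev_digest, line):
    """Digest of one log line, bound to the digest of the line before it."""
    return hashlib.sha256(prev_digest.encode() + b"\n" + line.encode()).hexdigest()

def seal(lines):
    """Return (line, digest) records that form a hash chain."""
    records, prev = [], GENESIS
    for line in lines:
        prev = chain_digest(prev, line)
        records.append((line, prev))
    return records

def verify(records, trusted_head=None):
    """Return None if intact, else the index of the first record that fails.

    trusted_head is the last digest as saved in write-once storage. Without
    it, someone who rewrites the whole file can recompute every digest.
    A return value of len(records) means the chain is self-consistent but
    does not end at the trusted digest (truncated or rebuilt).
    """
    prev = GENESIS
    for i, (line, digest) in enumerate(records):
        prev = chain_digest(prev, line)
        if prev != digest:
            return i
    if trusted_head is not None and prev != trusted_head:
        return len(records)
    return None

if __name__ == "__main__":
    sealed = seal(SAMPLE_LOGS)
    head = sealed[-1][1]  # store this value outside the log host
    print("intact:", verify(sealed, head))
    edited = list(sealed)
    edited[1] = (edited[1][0].replace("changed", "viewed"), edited[1][1])
    print("edited record found at index:", verify(edited, head))
    print("truncated file detected at:", verify(sealed[:2], head))
```

An edited or deleted line breaks the chain at that position; dropping lines from the end or re-sealing the whole file is only caught by comparing against the separately stored head digest.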
Automated Reports
Manually creating reports? Not ideal. Automated reports save loads of time, and there are far fewer mistakes. And they keep you informed of crucial compliance deadlines and updates so you never fall behind.
Here’s why automation is awesome when it comes to audit reporting for managed WANs:
- Scheduled Reporting: Create reports on a schedule (daily, weekly or monthly) that summarize compliance status, security events and bandwidth consumed.
- Custom Reports: Customize the reports to showcase the information that matters—you decide whether you want to see compliance gaps or network performance.
- Instant Alerts: Receive instant alerts when a report finds something out of place or a policy violation.
- Visualizing Data: Chart and graph reports so that they are easy for both tech teams and management to understand.
Automated reporting pulls insights out of your data, so no one needs to manually sift through an endless stack of logs.
Audit Support
When the time for an audit rolls around, you want to be prepared. The last thing you want to do is start rummaging through papers or wondering whether you're in compliance. Here's how PJ Networks makes audits easy for Fortinet SD-WAN environments:
- Pre-Audit Assessments: We audit the SD-WAN as it is now, to find holes before the auditors do.
- Audit Trail Preparedness: Detailed logs and reports are kept organized and easy to access.
- Compliance Framework Integration: Fortinet's SD-WAN services can be customized to support the standards that apply to your enterprise, such as HIPAA, PCI-DSS and GDPR.
- Assistance in Audits: We support you with an expert who understands your infrastructure and can show clearly that compliance is being met.
Audit support is not so much about passing a test as it is about proving your network is secure and operational every day – not just the day an auditor shows up.
Retention Policies
How long should you retain your logs and reports? Retention policies are key, but they are also tricky. Keep data for too long and you waste space and raise risk. Erase it too early, and you erase important evidence.
Best practices for access and retention policy compliance with SD-WAN:
- Know Legal Requirements: There are different rules regarding data retention for each industry and each location, so know what yours are.
- Categorize Types of Data: Important logs (say, security incidents) might require longer retention periods than regular traffic logs.
- Automated Data Archival: Deploy automation tools that move old data to secure archives.
- Secure Deletion: Ensure that data cannot be recovered after deletion, which preserves data privacy.
- Revisit Your Policies: Compliance requirements and business processes change, so make sure your retention policies remain current.
A smart retention policy lets you keep what you need for audit reporting and compliance while reducing cost and risk.
Final Thoughts
Compliance and reporting in your Fortinet SD-WAN are huge. At PJ Networks we make it easy with easy-to-follow logging requirements, automated reports, solid audit support and intelligent retention policies. If you're looking for comfort and a managed WAN that you don't need to worry about, then this is where you want to start.
And don't forget, SD-WAN compliance isn't a one-time job. It keeps evolving, and we are here to help you stay ahead, every day of the week.