Free Preparation Discussions
MENU
Fortinet NSE5_SSE_AD-7.6 Exam - Topic 3 Question 1 Discussion
Topic #: 3
An existing Fortinet SD-WAN customer who has recently deployed FortiSASE wants to have a comprehensive view of, and combined reports for, both SD-WAN branches and remote users. How can the customer achieve this?
For customers with hybrid environments (on-premises SD-WAN branches and remote FortiSASE users), the FortiOS 7.6 and FortiSASE curriculum recommends centralized log aggregation for unified visibility.
Centralized Reporting: The standard architectural best practice is to forward logs from FortiSASE to an external FortiAnalyzer (Option C).
Unified View: Since the customer's on-premises FortiGate SD-WAN branches are already sending logs to an existing FortiAnalyzer, adding the FortiSASE log stream to that same FortiAnalyzer allows for the creation of combined reports.
Fabric Integration: This setup leverages the Security Fabric, enabling the FortiAnalyzer to provide a single pane of glass for monitoring security events, application usage, and SD-WAN performance metrics across the entire distributed network.
Why other options are incorrect:
Option A: SOCaaS is a managed service for threat monitoring, not a primary tool for an administrator to generate combined SD-WAN/SASE operational reports.
Option B: FortiSASE is not designed to act as a log collector or reporting hub for external on-premises FortiGates.
Option D: Data flows from the source (FortiSASE) to the collector (FortiAnalyzer), not the other way around.
Laura
1 day agoAntonio
6 days agoBobbye
12 days agoFrance
17 days agoJohana
22 days agoTeddy
27 days agoAmber
2 months agoReid
2 months agoLauna
2 months agoCiara
2 months agoAlona
2 months agoViva
3 months agoArdella
3 months ago