FortiOS 6.0 Getting Started: FortiManager in the Fortinet Security Fabric

Source: Internet
Author: User
Keywords Security Fabric
Tags security getting started forticloud fortios fortios 6.0

In this example, you add the FortiManager to an existing Security Fabric, with an HA cluster called Edge as the root FortiGate and three internal FortiGates: Accounting, Marketing, and Sales. Network resources, such as a FortiManager, are located on the subnet 192.168.65.x.

1. Connecting the FortiManager and Edge

In this example, port 16 on Edge connects to port 4 on the FortiManager.

To configure the interface on the root FortiGate, connect to Edge, go to Network > Interfaces, and edit port 16.

Configure Administrative Access to allow FMG-Access and FortiTelemetry.

To configure the interface on the FortiManager, connect to the FortiManager, go to System Settings > Network, select All Interfaces, and edit port4.

Set IP Address/Netmask to an internal IP address (in the example, 192.168.65.30/255.255.255.0).

Select Routing Table and add a default route for port 4. Set Gateway to the IP address of port 16 on Edge.

If you haven’t already done so, connect the FortiManager and Edge.

2. Allowing the FortiManager to have Internet access

In order to communicate with FortiGuard, the FortiManager requires Internet access.

To create an address for the FortiManager, connect to Edge, go to Policy & Objects > Addresses, and create a new address.

To allow the FortiManager to access the Internet, go to Policy & Objects > IPv4 Policy, and create a new policy.

3. Configuring central management

To enable central management, connect to Edge, go to Security Fabric > Settings, and enable Central Management.

Set Type to FortiManager, Mode to Normal, and set IP/Domain Name to the IP address of port 4 on the FortiManager.

After you select Apply, a message appears stating that the FortiManager received the message and Edge is waiting for management confirmation.

Edge, as the root FortiGate, pushes FortiManager settings to the other FortiGate devices in the Security Fabric. To verify this, connect to Accounting and go to Security Fabric > Settings.

To confirm the management connection, connect to the FortiManager and go to Device Manager > Unregistered Devices. Select the FortiGate devices and select + Add.

Add the FortiGate devices to the FortiManager.

Connect to Edge. A warning message appears stating that the FortiGate is now managed by a FortiManager.

Select Login Read-Only.

Go to Security Fabric > Settings. Under Central Management, the Status is now Registered on FortiManager.

4. Results

The FortiGate devices are on the Managed FortiGate list and appear as part of a Security Fabric group. The beside Edge indicates that it’s the root FortiGate in the Security Fabric.

Right-click on any of the FortiGate devices and select Fabric Topology. The topology of the Security Fabric is displayed.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.