is it safe to update firmware remotely

I have done this remotely probably about 30 times, on locations that are half way around the world from me and I did not have out of band access if it had gone wrong. Fortinet will tell you that you need to have a serial connection into the firewall with OOB access if you want to upgrade the firmware remotely, that' s their stance. Its a gamble doing it remotely without having OOB serial access, but I have never had a problem with either upgrading the firmware or rolling back the firmware and that is on both stand alone firewalls and HA pairs. Its going to come down to your choice. Good luck.

same here, I' ve done it hundreds of times with software upgrades and manually pushing AV/IDS updates. No problems.

I' ve not had any problems either but your mileage may vary. Just make sure you take a backup first.

I mean access a customers fortigate remotely and update...

i' d like recommend follow updates path in those cases. i.e.: if you' ve a unit with a complex configuration running 2.80 don' t expect a smoothly upgrade if you go direct to 3.0 MR7 ....these kind of things

most of my customers are: FG50B FG60 FG60B what firmware version is recomended? I go to support site, assume newest should always be downlaoded? the images in: ftp://support.fortinet.com/FortiGate/v3.00/MR7/MR7_Patch_2/

Hi, I update firmware remotely very regularly on the FG60B' s with out any issues. I would recomend that use the USB Loader facility and take a backup of the config onto the key before you carry out the update. We' ve never had any issues. Rich

I always reboot the devices before upgrading them.... martin

very old firmware will do upgrading without clear memory first. However the newer firmware, I think v3.0 MR5 or later but not sure, does kill all other daemons to clear memory before upgrading.