Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

NaruKrue
New Contributor

Replace FortiGate 100D HA to 200E HA not have downtime.

Dear All

I would like best practice for replace FortiGate 100D HA to 200E HA not have downtime.
1 Solution
nicerobot_FTNT

To minimize downtime, ideally, you would convert the 100D configuration to the new 200E devices, verify failover, verify policy and routing BEFORE you schedule a cutover. Best way to do this is to use the same OS version. Minimize the number of changes you will be introducing. If you have the devices racked, it should be as easy as moving the interfaces to the new device (primary first) and clear the arp caches to connected switches and routers. Have a clearly defined cutover procedure (step-by-step), validation test (helpful to run before/after testing), and backout plan.

---

Opinions expressed are my own and may not represent the official opinion of my employer.

View solution in original post

2 REPLIES 2
MohdMoha
New Contributor

I don't think you can do it without any downtime because of its difference model.
I think you can prepare earlier to reduce downtime like rack-mount the appliance, make sure you tagging the cable and be ready to troubleshooting.
nicerobot_FTNT

To minimize downtime, ideally, you would convert the 100D configuration to the new 200E devices, verify failover, verify policy and routing BEFORE you schedule a cutover. Best way to do this is to use the same OS version. Minimize the number of changes you will be introducing. If you have the devices racked, it should be as easy as moving the interfaces to the new device (primary first) and clear the arp caches to connected switches and routers. Have a clearly defined cutover procedure (step-by-step), validation test (helpful to run before/after testing), and backout plan.

---

Opinions expressed are my own and may not represent the official opinion of my employer.