| Description | This article discusses Migration of an environment or organization into a new instance. |
| Scope | FortiEDR. |
| Solution |
Situation.
There is a customer with a current contract that expires at the end of the next week. To take advantage of this contract, the channel wants to migrate this standalone instance to a tenant of a new PAYG instance (not yet purchased). So, the channel will purchase a new multi-tenant instance for them and assign a tenant to this customer. To start the migration the customer/channel need to open a TAC case?
Question: What the customer impact is with this migration? What will be the procedure? Will the client lose any information in the migration? Is it necessary to reconfigure something? Yes Open FortiCare Ticket
Answer: Customers will need to open the firewall for the new addresses manager, core, aggregator, etc and we will provide that information.
Question: Will there be any loss of service?
Answer: Collectors that have not connected for 30 days will be deleted. There is no loss of service as they will stay connected to the old environment until a new bootstrap file is obtained and configuration that tells them where to communicate to. Since the other environment is up it is seamless. But we will not do it until they confirm they have new firewall rules in place. Then they need to delete old installers that point to old environment. And request new installers for new environment when they install new collectors. Collectors will need to be on and running in order for them to move to new Instance also. Threat Hunting Data will not be Migrated. Question: So, it is necessary to reinstall all the collectors?
Answer: No, it is not. Make only sure to have new devices no installed in the old environment.
Question: but, what is the procedure to point the running collectors to the new instance?
Answer: Export org and import to new org. Which will be behind the scene and will provide the info to all the devices.
Question: So, when the instance is migrated to the new one, and the customer makes the firewall changes, the new aggregator/CM replaces the configuration of the running collectors for the new addressing?
Answer: Yes and bootstrap that points to the new aggregator. Everything else stays the same. It needs to keep Org name, password and policy’s and all configurations currently obtained.
Question: How long is it taking to have the old instance operational to make the migration?
Answer: It depends on how fast the customer responds to the request. But migration will monitor and will not delete the old environment until we know it is completed. |
