FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description This article describes how disable/re-enable
automatic synchronization of the FortiAnalyzer and FortiManager
configurations, on downstream device, when Security
Fabric has been configured. Solution In Security Fabric topology, central management configuration is done on the root/upstream unit and propagated to the downstream unit(s).
FortiGates need to override these settings, while keeping device in Security Fabric topology, this can be done via CLI using the below commands:
# config system csf set configuration-sync local end
*local -> Doesn't synchronize the configuration with the root FortiGate, and FortiGate must configure settings individually.
Should FortiGate need re-enable the synchronization, the command is:
# config system csf set configuration-sync default end
*default -> Synchronizes the configuration for FortiAnalyzer, FortiSandbox, and Central Management to the root FortiGate
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.