Description
This article describes how to register a FortiGate Cloud account.
Scope
FortiGate Cloud is a hosted security management and log retention service for FortiGate.
It provides centralized reporting, traffic analysis, configuration management, and log retention without the need for additional hardware or software.
FortiGate Cloud offers a wide range of features:
- Simplified central management.
- Monitoring and alerting in real-time.
- Customized or pre-configured reporting and analysis tools.
- Maintain important configuration information uniformly.
- Service security.
Solution
To activate the FortiGate Cloud account:
Go to Dashboard -> Status.
In the FortiGate Cloud widget, select the 'Not Activated' and 'Activate' buttons in the 'Status' field.
Then a pop-up will appear where the support.fortinet.com credentials can be entered along with domain (mainly US, Global, EU), and select OK to activate the FortiGate Cloud on FortiGate.
Activate via CLI:
Run the following command:
execute fortiguard-log login <email> <password> <domain>
If no domain is specified, the unit will join the Global FortiGate Cloud region. To get the domain list run the following command:
execute fortiguard-log domain
The Dashboard of FortiGate will look similar to the screenshot below:
To enable logging to FortiGate Cloud.
Go to Security Fabric -> Settings or Log & Report -> Log Settings.
Enable 'Cloud Logging'.
Select an upload option: Realtime, Every Minute, or Every 5 Minutes (default).
Select 'Apply'.
Enable 'Cloud Logging'.
Select an upload option: Realtime, Every Minute, or Every 5 Minutes (default).
Select 'Apply'.
To enable FortiGate Cloud logging from CLI:
config log fortiguard setting
set status enable
end
Logging into the FortiGate Cloud portal.
Once logging has been configured and registered the account, it is possible to log into the FortiGate Cloud portal and begin viewing the logging results. There are two methods to reach the FortiGate Cloud portal:
If having direct network access to the FortiGate:
Once logging has been configured and registered the account, it is possible to log into the FortiGate Cloud portal and begin viewing the logging results. There are two methods to reach the FortiGate Cloud portal:
If having direct network access to the FortiGate:
- Go to Dashboard -> Status.
- In the FortiGate Cloud widget, in the Status field, select 'Activated' and 'Launch Portal', or, in the Licenses widget, select 'FortiCare Support' and 'Launch Portal'.
If access to the FortiGate’s interface is not granted, visit the FortiGate Cloud website (https://forticloud.com) and log in remotely, using the email and password.
It will ask to confirm the FortiGate Cloud account connected to and then will have the granted access.
After login, a dashboard similar to the one shown below is displayed.
After login, a dashboard similar to the one shown below is displayed.
Cloud sandboxing.
FortiGate Cloud can be used for automated sample tracking, or sandboxing, for files from a FortiGate.
FortiGate Cloud can be used for automated sample tracking, or sandboxing, for files from a FortiGate.
This allows suspicious files to be sent to be inspected without risking network security.
If the file exhibits risky behavior or is found to contain a virus, a new virus signature is created and added to the FortiGuard antivirus signature database.
To configure cloud sandboxing.
Go to Security Fabric -> Settings.
Enable Sandbox Inspection.
Set the FortiSandbox type to FortiSandbox Cloud.
Select the FortiSandbox Cloud region.
Select 'Apply'.
Sandboxing results are shown on the Sandbox tab in the FortiGate Cloud portal.
For more information about FortiGate Cloud, see the FortiGate Cloud documentation.
Enable Sandbox Inspection.
Set the FortiSandbox type to FortiSandbox Cloud.
Select the FortiSandbox Cloud region.
Select 'Apply'.
Sandboxing results are shown on the Sandbox tab in the FortiGate Cloud portal.
For more information about FortiGate Cloud, see the FortiGate Cloud documentation.
FortiCloud activation if the appliances are in HA.
In most cases, joining the primary device in an HA cluster to FortiGate Cloud will trigger a join request from HA secondary as well, and it is not necessary to make a separate request to join the secondary device to FortiGate Cloud. In some cases, it may be necessary to add the devices to FortiGate Cloud separately.
In most cases, joining the primary device in an HA cluster to FortiGate Cloud will trigger a join request from HA secondary as well, and it is not necessary to make a separate request to join the secondary device to FortiGate Cloud. In some cases, it may be necessary to add the devices to FortiGate Cloud separately.
There are two ways to do this.
- Shut down one appliance at a time and register it to the FortiCloud.
- Trigger a failover to make the device with no FortiGate Cloud connection the primary, then activate FortiGate Cloud from the new primary unit.
The recommended way to failover an HA cluster is by using 'diagnose sys ha reset-uptime' on the primary unit. Failover should only be done during a maintenance window and will remove any existing SSL-VPN connections. See Technical Tip: Restoring HA master role after a failover using 'diag sys ha reset uptime'
Related documents:
FortiCare and FortiGate Cloud login
Technical Note: How to register and activate a FortiCloud account
