FortiOS includes predefined dashboards so administrators can easily monitor device inventory, security threats, traffic, and network health.

Each dashboard contains a set of widgets that allow administrators to drilldown data and perform tasks.

Administrators (even those with restricted permission profiles) are allowed to add additional dashboards and customize the widgets that will be shown in each of those dashboards.

Administrators can also remove already existing dashboards. This action can be accomplished by selecting the 'Delete Dashboard Action' available when clicking on the three dots icon available at the left of the dashboard name:

All new added dashboards allow for removal. This is also true for most of the default dashboards. But some of the default dashboards do not allow for removal, so there is no 'Delete Dashboard' action available in the GUI.

This is where the 'set permanent enable' setting associated to a dashboard comes in. When the 'permanent' parameter is set to 'enable' for a specific dashboard, that specific dashboard cannot be removed via the GUI.

config system admin
    edit "<admin-user>"
        config gui-dashboard
            edit <#>
                set permanent enable

It is important to recall that the scope for this setting is the dashboard. It does not affect the widgets defined in that specific dashboard. Hence an administrator can still add/remove widgets for that dashboard (even those administrators with restricted permission profiles).

This observation is relevant as this parameter will not impede an administrator to customize his/her dashboards if we are looking for avoiding changes in the configuration of a FortiGate that could trigger a configuration change event that could be detected by the managing FortiManager for that device.

The 'set permanent enable' parameter hence will impede only for the dashboard entry to be removed from the GUI.