I have a client whose network I managed from overseas. We are undertaking a restructuring of the current network design to increase scalability and security for the future. I have not had any experience configuring this using Fortinet ecosystem, so I had some questions (bottom of post) for the community about my configuration/process.
Current Fortinet topology
1x Fortigate 60F (7.0.3)
4x Fortiswitch 124E (7.0.1) (stacked)
1x Unmanaged POE switch
Current Network topology: Everything resides on a 10.0.0.0/24
I don't think it's a matter of best practices, more a matter of choice - if you want to move the devices assigned static IPs or not. From a security perspective, it would be better to isolate them in their corresponding VLAN.
And as long as you don't change settings on the WAN interface (your access interface) access from WAN should not be cut.
- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.