We would like to be able to scheduled automated full-config backups to be offloaded to an FTP server. I know the fortimanager has backup capabilities of configs for its registered devices but we do not really need a full central management system (though it would be nice).
I'm wondering if anyone has used other solutions/workarounds to make this happen. I believe FortiMail or FortiWeb devices have a scheduled backup that can be run, but not FortiGate.
As a note to those thinking of using SCP and a read-only user.
I had this working and then when the time came to restore, the restore went fine except I could not login with an admin account!
If the SCP backup is taken with a read-only account, it does not get the config for your super user account(s). Yes I double checked that my read-only account has access to EVERYTHING. I did call support and they confirmed. I personally feel this is a huge flaw but.......
I have confirmed that if I connect and take the backup using SCP and using credentials for a super user that all user information is included.
Thankfully I had a full backup that existed for this router and I was able to copy the necessary user info to the backup file and then restore.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.