I'd be interested in how you manage the daily (configuration) management tasks of FortiGate devices WITHOUT FortiManager.
This is mostly about requirements for changed/new firewall policies, new/modifying interfaces, adapting to the changing needs of internal users, etc.
Do you have some kind of change management process in place?
Do you document the FG policies and settings in separate documentation? If yes, how do you do this?
How do you make sure that you have a documented trail or written evidence on changes of the FortiGate configurations?
Even if many of you will most likely recommend FortiManager for some of those issues/questions, we do not want to go with FortiManager (yet).
Are there any other tools, good practices we could adapt for us as well?
We manage a couple of 100F (cluster and single devices), a few 60F/61F and plenty of 40F.
Thanks a lot
Dan
FortiManager is the best option for sure because it does change management, scheduled updates, configuration revisions, etc. You could also use the Cloud versions as well if you don't want an on-premise device.
If you are looking for something else, I have used Ansible or Terraform for configuration changes, and then you could use a product like Oxidized to do the configuration backups.
https://github.com/ytti/oxidized
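An added example, not part of either post: one way to turn two saved configuration backups into a reviewable change record, assuming the backups are plain-text FortiGate CLI exports. The function names and both sample configurations are constructed for illustration.

```python
# Constructed sample backups (not from a real device): two revisions of one policy table.
OLD = """\
config firewall policy
    edit 1
        set name "lan-to-wan"
        set service "HTTPS"
        set action accept
    next
end
"""
NEW = """\
config firewall policy
    edit 1
        set name "lan-to-wan"
        set service "ALL"
        set action accept
    next
    edit 2
        set name "guest-to-wan"
        set action accept
    next
end
"""

def parse_config(text):
    """Flatten a CLI backup into {(section path, setting): value}."""
    stack, settings = [], {}
    for raw in text.splitlines():
        word, _, rest = raw.strip().partition(" ")
        if word == "config":
            stack.append(rest)                 # e.g. "firewall policy"
        elif word == "edit":
            stack.append(rest.strip('"'))      # table entry id or name
        elif word in ("next", "end") and stack:
            stack.pop()                        # leave the entry or section
        elif word == "set":
            key, _, value = rest.partition(" ")
            settings[(" / ".join(stack), key)] = value
    return settings  # multi-line quoted values (certificates) are not handled

def diff_configs(old_text, new_text):
    """List (kind, section, setting, before, after) for every difference."""
    old, new = parse_config(old_text), parse_config(new_text)
    changes = []
    for section, key in sorted(old.keys() | new.keys()):
        before, after = old.get((section, key)), new.get((section, key))
        if before != after:
            kind = "added" if before is None else "removed" if after is None else "changed"
            changes.append((kind, section, key, before, after))
    return changes

if __name__ == "__main__":
    for change in diff_configs(OLD, NEW):
        print(*change, sep=" | ")
```

Attaching this output to the change ticket ties each approved request to the settings that actually changed, and a difference with no matching ticket stands out as an undocumented change.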