Is it generally best practice to separate firewalls into ADOMs within FAZ?
I've been doing some research but have been getting mixed results. In FMG, it makes sense to separate firewalls by firmware version or by client; however, within FAZ, is there any downside of having a single ADOM for all firewalls? It would make global reporting possible (ie. quickly running a report to determine all firewall firmware versions). As far as I'm aware, reports could still be narrowed down to select firewalls.
I've also heard that licensing for FAZ may shift to include an ADOM-limit on top of the daily log rate. This has me a bit concerned because I have quite a few ADOMs per clients with only one or two firewalls each.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Yes, it is, please check the following link Best Practices | FortiAnalyzer 7.2.0 | Fortinet Documentation Library
ADOMs in FortiAnalyzer can be used to separate devices/administration and also to define how long the information will be stored and how much disk space will be asigned. In other words, the ADOM enables you to assign a "Disk Quota" to the devices registered in that ADOM.
If your devices have a mix of high-volume and low-volume log rates, put high-volume log rate devices in one ADOM and low-volume log rate devices in another ADOM. This helps prevent quota enforcement from adversely affecting the low-volume log devices.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1517 | |
1013 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.