panirwane
New Contributor

FortiAnalyzer ADOMs Question

Is it generally best practice to separate firewalls into ADOMs within FAZ?

I've been doing some research but have been getting mixed results. In FMG, it makes sense to separate firewalls by firmware version or by client; however, within FAZ, is there any downside to having a single ADOM for all firewalls? It would make global reporting possible (i.e., quickly running a report to determine all firewall firmware versions). As far as I'm aware, reports could still be narrowed down to select firewalls.

I've also heard that licensing for FAZ may shift to include an ADOM limit on top of the daily log rate. This has me a bit concerned because I have quite a few ADOMs per client with only one or two firewalls each.

Jorosco
Staff

Yes, it is. Please check the following link: Best Practices | FortiAnalyzer 7.2.0 | Fortinet Documentation Library

 

ADOMs in FortiAnalyzer can be used to separate devices/administration and also to define how long the information will be stored and how much disk space will be assigned. In other words, the ADOM enables you to assign a "Disk Quota" to the devices registered in that ADOM.

If your devices have a mix of high-volume and low-volume log rates, put high-volume log rate devices in one ADOM and low-volume log rate devices in another ADOM. This helps prevent quota enforcement from adversely affecting the low-volume log devices.
