Hi There
Currently using FortiManager to manage an estate of 50 or so Gates running version 6.4.5 on all devices. We are deploying Virtual FGTs in AWS and Azure, which will also be managed by FortiManager.
We are intending to make use of SDN Fabric Connectors to allow dynamic learning of objects for policy creation in both the Public Cloud environments. Can someone confirm if we need to configure the SDN connectors on the FGTs in each cloud environment or whether we only need to configure the SDN connectors on the FortiManager (assume the latter as this is where we create the policies)
Many thanks
Solved! Go to Solution.
It'll get pushed to all your FGT within the vdom where you created the sdn object. At least I didn't find a way to restrict to certain fgt, anyway in our case it didn't really matter. Therefore I guess if you want to push to only your cloud FGT, you may want to create a separate vdom in which you could create the snd object and have your cloud FGT
I did setup the sdn connector on the fortimanager and then it automatically got pushed to the fortigate. Because of the nature of dynamic learning, each fortigate does require to query/fetch informations of the objects you'll use.
Thanks paulinster. Just to be clear if I set up SDN on FortiManager, does this automatically get pushed to all FortiGates or can you specify just the FortiGates in the Cloud.
It'll get pushed to all your FGT within the vdom where you created the sdn object. At least I didn't find a way to restrict to certain fgt, anyway in our case it didn't really matter. Therefore I guess if you want to push to only your cloud FGT, you may want to create a separate vdom in which you could create the snd object and have your cloud FGT
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.