FortiAnalyzer - Multi tenants
Hi there
Is it possible to set up the FortiAnalyzer for multiple tenants?
Any information/advice on how to do this?
Thanks
ggntt
If you enable ADOM mode, then you can use the Standard User administrative profile template to only allow access to specific ADOMs.
That would allow tenant access to the FAZ without granting access to global settings or other ADOMs.
Regards, Chris McMullan Fortinet Ottawa
Hi Chris
Thanks for that.
We enabled the ADOM mode, but it's still not clear how to create multiple profiles to access devices specific to the users.
Any additional info would be great,
ggntt
As an example, if you wanted to create an ADOM for customer1 that would allow them to log in to the FortiAnalyzer, create/run their own reports, and have read access to FortiView, you would do the following three steps:
1. Create customer1 ADOM, and put the customer1-firewall into the ADOM
Go to System Settings > All ADOMs and click 'Create New'.
Enter customer1 for the name and move the customer1-fgt to the right-hand side.
Click 'Ok' to save.
2. Create customer1 administrator profile
Go to System Settings > Admin > Profile and click 'Create New'.
Enter customer1-profile for the name and select read-write/read access for this specific customer.
Click 'Ok' to save.
3. Create customer1-admin login
Go to System Settings > Admin > Administrator and click 'Create New'.
Enter customer1-admin for the name, and select the login type (if local, enter their password).
Change Administrative Domain to 'Specify'.
Select customer1 for the ADOM.
Click 'Ok' to save.
Now when customer1 logs in with their 'customer1-admin' credentials, they will only be able to see the reports and FortiView for their own firewall.
P.S.: Sorry for the three posts. I couldn't figure out how to embed three pictures in the one post.
Thank you so much for your replies; I appreciate the screenshots.
I am currently on the trial version.
Unfortunately, there is no ADOM option like there is on yours.
Very strange.
Please see attached
neonbit
I figured that out; I had to enable administrative domain from the system information widget on the dashboard.
Now trying to get a remote FG to communicate with the analyzer.
The FAZ is behind our own FG FW.
But I saw where you can set a token; looks like they might create their own tunnel?
Hello,
Did you manage to get the FAZ behind your FortiGate firewall to communicate with a remote FortiGate? I am currently looking for a solution to this.
How do the ADOMs differentiate different client firewalls if the management IP is the same?
Infosec Partners
