So I currently have all three of those and these are the versions there on.
Fortigate 100F - 6.4.8
FortiEMS - 6.4.7
FortiClient - 6.4.7 (all 500 end users)
I want to upgrade all of these to the latest versions however I wanted to know if it was possible to upgrade my FortiGate first, then say a week later upgrade FortiEMS then over time upgrade forti client end users.
I want to do this without disturbing end users. I guess my real question is can FortiGate be at 7.2 and ems and client still be behind? so i can gradually do this and not have to do it all at once?
"When upgrading your Security Fabric, devices that manage other devices should be upgraded first. Upgrade the firmware of each device in the following order. This maintains network connectivity without the need to use manual steps." and then they list out the order of upgrade.
To get your Fortigate upgraded, you will have to step through 7.0.7 first before you can get to 7.2 code following the Upgrade Path utility from the firmware download site. EMS can go directly from 6.4.7 to 7.0.7, so no issue there. The biggest takeaway is all of this is explained in the release notes for each product update and also shows what they are backward compatible to and if any feature caveats or settings adjustments that might need to be addressed to maintain communication until you are where you want to be.
So to answer your last question, unless I'm missing something, yes, you can do this gradually based on your current code revs.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.