Fortigate automated/scheduled SFTP backup without storing clear text passwords?
I'm fairly new to the Fortinet suit of security devices. I have set up a scheduled SFTP backup on the FortiAnalyzer and FortiManager which was very simply to do. Locally, the SFTP password is hashed in the config, lovely.
However, Fortigate appears to be a different story. To achieve a “Fortinet native” solution of a scheduled/automated backup. I looked at automation stitches, unfortunately the "cli script” option requires the SFTP password to be stored in clear text.
Does anyone know of any other “Fortinet native” solution to schedule automated backups to SFTP servers on Fortigates without having to store the SFTP password in clear text? Just not acceptable to store passwords in clear text in my opinion and against policy in general.
My next stop is to move the automated backup process out of the Fortigate environment and move it to a netmiko/paramiko python solution. I would prefer an “in product” solution.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.