Hi, What are the benefits of having Fortimanager to act as Fortiguard server for all the Fortigates which are in SDWAN fabric? . Fortimanager will be one of the DC LAN IP which has reachablity to all the branch Fortigate over SDWAN Fabric.
1 This will ensure that all database updates will happen locally within the fabric from Fortimanager to all Fortigates.
2 Not each fortigate needed internet connectivity..
3 Just ensure Fortimanager alone can speak with Fortiguard to get all the signature, database updates. Once this is done, it can push to rest of the device
4 It can also avoid impact to Webfiltering/Email filtering service, since any high latency from Fortigate to Fortigaurd webfilter service can cause "A rating error occured"
These are my observations, whether I am correct or any other benefits I have missed. Or anyother caveats in this setup.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.