Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Forti_Newbie
New Contributor

Machine Learning in active-active HA FortiWeb

Good Day!

I have four appliances FortiWeb (6.3.19) working in Standard Active-Active HA and I want to configure Machine Learning as additional security mechanism. Admin guide has one weird limitation "Machine learning is not fully supported when FortiWeb is deployed in active-active HA mode. It doesn't work on the secondary node; On the primary node, it works but not always stable, for example, after system reboot or HA role switch, the machine learning may stop working.". I understand correctly that ML will work only on Master role appliance and traffic that routes via secondary appliances will not analyze?
https://docs.fortinet.com/document/fortiweb/6.3.19/administration-guide/193258/machine-learning

 

I didn't find any information about this limitation for v.6.4.2 release. Do you known may be it was fixed there?

2 REPLIES 2
amouawad
Staff
Staff

Not sure about 6.4, but I know that 7.0 supports machine learning in HA but depends on what type of HA you configure.

 

From the admin guide: https://docs.fortinet.com/document/fortiweb/7.0.1/administration-guide/435480/synchronization

 

Machine learning data—Machine learning database is synchronized from the primary node to the secondary node in Active-Passive mode. The data is synchronized every 10 minutes.
In Active-Active mode, only machine learning Anomaly Detection database is synchronized. Bot Detection and API Protection database is not synchronized

Forti_Newbie

I understand correctly that secondary nodes in cluster just synchronize Anomaly Detection database from Master? Do they have independent ML process and sample collection?

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors