Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jrobetoy
New Contributor

Request for help getting started with global ADOM policies using FortiManager

Good Morning!

 

I am new to Fortinet, having just moved our company from Cisco ASAs with Firepower to approximately 30 Fortigates, mostly models 40F, but a few of our bigger sites are using 60F and 81F. Currently running firmware version 7.2.6, build 1575.

 

We are now using FortiManager Cloud Central Management & Orchestration, v7.4.1-build4261 230914 (GA) and need to learn how to re-create the global policies that we used to apply using Cisco Firepower, now using FortiManager.

 

Policy-wise, the 40F's are configured almost all the same, except for an extra interface or Virtual IP or two.
The other sites have a bit more going on, hosting many more virtual IPs, using policy routes, etc.

 

There are some policies we would like to apply globally, where we can make the change in one place and it would apply to all of the devices in a group. The main example would be to have a policy rule to completely block a constantly changing list of countries from ever accessing our systems.


We would want this policy to have priority over any rules already existing on an individual offices policies.

 

Again i am completely new to Fortinet, so at this point i am starting with the basics and feel like i need to fully understand global ADOM layer first as a good starting point: https://docs.fortinet.com/document/fortimanager/7.4.2/administration-guide/910786/global-adom-layer

 

But would someone be able to help by suggesting any good supplementary documentation/videos that has the steps or examples one would take to achieve this? And also anything i will need to watch out for? Any advice in general to get me started on the right foot would be appreciated.

 

Thank You,

Jesse

 

 

 

1 Solution
Renante_Era
Staff
Staff

Hello Jesse,

 

Try to see if you have access to FCP - FortiManager 7.2 Self-Paced

1. Open training.fortinet.com

2. Click Login, then Public.

3. Click Sign Up

Screenshot 2024-01-18 100431.png

4. Browse to Library>FCP Network Security

Note:

* Access to FMG training is available based on my test using regular outlook email.

* If you want to learn more about FGT -- FCP - FortiGate Security 7.2, and FortiGate Infrastructure 7.2

View solution in original post

2 REPLIES 2
Renante_Era
Staff
Staff

Hello Jesse,

 

Try to see if you have access to FCP - FortiManager 7.2 Self-Paced

1. Open training.fortinet.com

2. Click Login, then Public.

3. Click Sign Up

Screenshot 2024-01-18 100431.png

4. Browse to Library>FCP Network Security

Note:

* Access to FMG training is available based on my test using regular outlook email.

* If you want to learn more about FGT -- FCP - FortiGate Security 7.2, and FortiGate Infrastructure 7.2

jrobetoy

Thank you! Im in and was able to enroll.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors