Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
frata
New Contributor

Created on ‎04-07-2024 10:03 PM

Understanding the Use of FortiGate Workspace Mode

Hey everyone,

I'm curious about FortiGate Workspace Mode and its relevance in business operations, and it is depends on Firewall Version ? . Can anyone shed some light on its purpose and whether it's commonly utilized in the corporate world? Looking forward to learning more!

https://9apps.ooo/
https://9apps.ooo/
Labels:
772
0 Kudos
2 REPLIES 2
DPadula
Staff
Staff

Created on ‎04-07-2024 10:34 PM

Hi Frata,

 

Basically the workspace mode has been available since old version, I have add a link from version 6.2.

Workspace mode allow you to hold all the changes on the configuration until you confirm the changes via command 'execute config-transaction commit'.

 

It is useful when you have more than two firewall administrators doing changes at the same time. It will lock the object to avoid changes done by two or more people at the same time. 

 

I haven't seen many Fortigate administrators using it but I know that other vendors have this feature enable by default. 

 

https://docs.fortinet.com/document/fortigate/6.2.0/new-features/688647/workspace-mode

 

759
Yurisk
SuperUser
SuperUser

Created on ‎04-08-2024 05:52 AM

I do use it as a failsafe measure when configuring some FOrtigate remotely and can lose management connection to it. For example when changing the default route or WAN interface of FGT to which I am connected via the same WAN interface - if something goes wrong and I lose admin access to the Forti, the configuration will revert back. I wrote a post with examples of doing this - https://yurisk.info/2022/04/04/fortigate-workspace-mode-commit-changes-example/ 

 

Regards to the acceptance in the Ent world - nope, I don't see much being integrated into daily firewall management workflow. But I would not want FTNT to drop this feature still :). 

 

This feature was added, I can surmise, because other vendors already had it. But those other vendors (Palo Alto/Check Point those I know most) face the same situation - admins just click through this feature w/o much thinking. 

Yuri Slobodyanyuk
Yuri Slobodyanyuk
733
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.