- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiWebCloud
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Upgradation of fortigate
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Upgradation of fortigate
Hi All,
I have fortimanager, Fortianalyzer and Fortigate in my premises in which i have to upgrade multiple fortigate firewall to various version. Can anyone help me in answering below queries
1) Fortimanager and Fortianalyzer are on 7.2.2 and fortigate is on various version like 7.0.10, 7.2.4 like such. Can i upgrade my Fortigate keeping Fortimanager and Fortianalyzer on their existing version ?.
2) Should i need to redploy the policy package or repush any configuration from Fortimanager after Upgradation of Fortigate.
3) If i upgrade Fortimanager to latest version and following Fortigate to same/lower version should i need to redploy the policy package or repush any configuration from Fortimanager to manage devices
4) Lastly, apart from above points is it any things i need to take care or calculate before upgradation ?
Labels:
- Labels:
-
FortiAnalyzer
-
FortiGate
-
FortiManager
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @vishal1
1. It is recommended to keep your FortiManager and FortiAnalyzer versions compatible with the firmware version running on the FortiGate devices. While there might be some level of backward compatibility between different versions, Please check release notes and compatibility matrices provided. It's possible that certain features or functionalities might not work as expected if there are version mismatches.
https://docs.fortinet.com/document/fortimanager/7.4.0/compatibility-with-fortios
2. After upgrading a FortiGate device, the policy package and configurations should be automatically synchronized from the FortiManager to the upgraded device. After the upgrade do ensure everything is functioning as expected.
3. If you upgrade the FortiManager to a newer version and subsequently upgrade the FortiGate devices to the same or a lower version, review and reapply the policy package to ensure that any new features or changes introduced in the newer version are correctly applied to the devices. This will ensure that the devices are managed consistently and taking advantage of the latest capabilities.
4. Before performing any upgrade, it is important to thoroughly review the release notes and upgrade guides provided.
Take backups: Ensure that you have recent backups of your FortiGate configurations, FortiManager database, and FortiAnalyzer data.
Plan for downtime: Upgrading the FortiGate devices will typically involve a temporary disruption in services.
Thanks,
Pavan
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Pavankr5,
Thank you for your reply, it really helpful.
Regarding point 3 you mentioned need to review and reapply the policy package to ensure that any new features or changes introduced in the newer version are correctly applied to the devices. Will it be not auto sync to the managed devices ?.
Regarding backup of devices would i have to locally extract the backup from fortigate or from fortimanager i can take backup of manage devices ?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@pavankr5's point No.2 is not the case at least for our Fortimanager-VM 7.0.7 or prior. Almost every time we upgrade FGTs through the FMG, CLI templates & Policy package's sync status go to "unknown" (question mark icon) so we always have to push them to all those FGTs even though there is no config change happens with the push.
Toshi
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Should i need to do for version 7.2.3 or above of that also ?
Related Posts
Labels
-
FortiGate
6,819 -
FortiClient
1,353 -
5.2
801 -
5.4
639 -
FortiManager
585 -
FortiAnalyzer
431 -
6.0
416 -
5.6
362 -
FortiAP
353 -
FortiSwitch
348 -
FortiClient EMS
277 -
FortiMail
266 -
6.2
251 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
165 -
6.4
128 -
FortiNAC
115 -
FortiGuard
108 -
FortiSIEM
92 -
FortiGateCloud
90 -
IPsec
90 -
FortiCloud Products
85 -
FortiToken
74 -
SSL-VPN
73 -
Customer Service
70 -
4.0MR3
64 -
Wireless Controller
62 -
FortiProxy
47 -
FortiADC
45 -
FortiEDR
42 -
Fortivoice
41 -
SD-WAN
37 -
FortiDNS
35 -
FortiExtender
34 -
FortiGate v5.4
34 -
FortiSandbox
33 -
FortiSwitch v6.4
30 -
Firewall policy
30 -
FortiAuthenticator
25 -
High Availability
24 -
FortiConnect
24 -
VLAN
23 -
FortiWAN
22 -
FortiConverter
21 -
ZTNA
20 -
FortiPortal
18 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
Certificate
16 -
SAML
15 -
DNS
15 -
LDAP
15 -
FortiMonitor
14 -
BGP
14 -
Interface
14 -
Logging
14 -
FortiGate v5.0
13 -
FortiDDoS
13 -
Routing
12 -
FortiCASB
12 -
VDOM
12 -
Authentication
11 -
fortilink
11 -
RADIUS
10 -
Virtual IP
10 -
FortiRecorder
10 -
FortiWeb v5.0
9 -
SSL SSH inspection
9 -
Traffic shaping
9 -
FortiManager v5.0
9 -
NAT
9 -
4.0MR2
9 -
SSID
8 -
Fortigate Cloud
8 -
SSO
8 -
Application control
8 -
FortiGate v4.0 MR3
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
FortiAnalyzer v5.0
7 -
Admin
7 -
4.0
7 -
IP address management - IPAM
7 -
Security profile
6 -
FortiBridge
6 -
SNMP
6 -
Web application firewall profile
6 -
Web profile
6 -
Proxy policy
5 -
Traffic shaping policy
5 -
FortiAP profile
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
IPS signature
4 -
Packet capture
4 -
Antivirus profile
4 -
Automation
4 -
WAN optimization
4 -
DNS Filter
4 -
FortiTester
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Port policy
4 -
FortiToken Cloud
3 -
DoS policy
3 -
Email filter profile
3 -
Web rating
3 -
Intrusion prevention
3 -
FortiDB
3 -
trunk
3 -
FortiDeceptor
2 -
System settings
2 -
FortiInsight
2 -
NAC policy
2 -
Fortinet Engage Partner Program
2 -
Users
2 -
Traffic shaping profile
2 -
FortiPAM
2 -
VoIP profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Fabric connector
2 -
Netflow
2 -
Protocol option
2 -
4.0MR1
1 -
TACACS
1 -
Replacement messages
1 -
Subscription Renewal Policy
1 -
Schedule
1 -
FortiCWP
1 -
FortiNDR
1 -
SDN connector
1 -
Application signature
1 -
Authentication rule and scheme
1 -
FortiManager-VM
1 -
Internet Service Database
1 -
Multicast routing
1 -
Explicit proxy
1 -
Zone
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.