Hello forum,
I would like to know how many of you are dealing with upgrades of firmware from Fortinet Devices.
We have a range of Fortinet equipment, FortiGates, FortiAZ, FortiSwitches, FortiAPs.
We have them on multiple locations.
How you guys are dealing with upgrades, where to look if the upgrade is suitable for us, what type of automation you use, etc..
It's really hard to catch up with everything since I'm not just a Fortinet guy. I'm System Admin so I have a lot of other task's and its getting overwhelmed..
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @Infotech22
We have 2 ways:
Manual (local or via FortiManager )
Automated via FortiManager.
We are on latest FMG (74.2), and there you find it under:
Device Manager: Firmware Templates:
You can then schedule the template run run as desired, or run it manually.
Hi @Infotech22
We have 2 ways:
Manual (local or via FortiManager )
Automated via FortiManager.
We are on latest FMG (74.2), and there you find it under:
Device Manager: Firmware Templates:
You can then schedule the template run run as desired, or run it manually.
Thank you @Jakob-AHHG,
We already have FortiManager but last external company didn't use it and suggest to us that we don't need it for 4 locations. But it's 8 Firewalls, 20+ switches, 20-30 AP's etc.
Firewall Policies can't be the same so we couldn't use the template but for upgrades is still really good to us then.
OK, we run 16 locations, and have them split in 3 Policy Groups for FW rules, and I currently have 4 FW Templates.
Granted, there are management stuff that is easier to do directly on a device, but when it's all in sync on FGM, you know what's going on, and it's easier to troubleshoot in tandem with FortiAnalyzer.
And if you then start to figure out Scripts, to do CLI config changes on multiple FortiGates, initiated from FGM, life becomes a lot less tedious.. ;)
Yes of course, some small stuff like address object's etc its really useful to have them synced across all locations.
As I can see that you are experienced in this area, let me know where I can contact you to learn from you ;)
Still learning, have been using FortiNet for two years now, but have 22 FG's and close to 100 FortiSwitches in the setup now.
Just about to replace Wifi on a complete hotel with FortiAP's (from Cisco).
So 270 FortiAP's being installed the next few weeks.
Arp-Hansen Hotel Group is in Copenhagen, Denmark - and all our sites is here in DK.
It's a big infrastructure to be in. And it's also great for experience that you will gain.
Our infrastructure is lot smaller but its in different countries.
Engineering and Software Development so I need to hop on on the Fortinet train as fast as I can to help company achieve the most security we can get with this.
Hope your implementation goes well
hi,
do you recommend FG firmware on local device instead of FMG fimware template?
does local FG firmware upgrade "breaks" any device or FW policy in FMG? or will it auto update?
If you manually upgrade a device, Manager will just update the status when it comes back online. It does not break anything, but is simply a more slow process, but you are in detailed control.
You can do the 'manual' upgrade of a single device, either on the devices own interface, that requires you manually download the FW from Fortinet, or you can select it in the Switch Manager part of Manager and initiate a manual update from there, selecting the desired FW version.
If you run a FW Template on a group of devices, Manager will show you what devices needs updates, and let you initiate that process.
Hello
where to look if the upgrade is suitable for us
For me the rule is simple:
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1720 | |
1093 | |
752 | |
447 | |
234 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.