Hello team!!!
I am thinking on acquire Fortigate routers for many sites.
The requirement is the following, I need to keep the same web filter and application control settings in all sites, even for "web rating overrides" (I dont want to synchronize every settings like interface addressess, etc, just web filter and application control related settings)
Is there a way to accomplish this with security fabric or whatever?
Thanks in advance.
Regards,
Damián
Solved! Go to Solution.
Hey Damián,
you can synchronise webfilter overrides (and a lot of other configuration) with FortiManager - you could essentially do a default configuration with policies, security profiles like webfilter etc, and push that out to all FortiGates, so all of them would have essentially the same configuration (with some localization for the different IP subnets the FortiGates would be in, etc)
You can do some object sharing with Security Fabric setup; the root FortiGate in the Fabric would share its objects like addresses and security profiles with all downstream FortiGates, which could in turn use those objects as well (but each FortiGate would require manual configuration of policies etc; the objects would just already exist to be used in policies).
FortiPortal (or FortiPrivateCloud) is a larger-scale solution typically used in MSSP setups; it functions as a tie-in to FortiAnalyzer and FortiManager and provides individual logins/portals to an MSSP's customers so they have access to their own configuration/devices on their premises, and the MSSP has a complete overview of all FGTs/FMG/FAZ in their possession.
It could technically achieve the same, simply because it utilizes FortiManager itself, but unless you're an MSSP managing a lot of FortiGates and looking to provide access for all your customers to the FortiGates on their site (while retaining control/visibility of what the customers are doing) FortiPortal is probably not a solution for you.
Hi,
First of all, FortiGate's are not routers, but you could use one as such.
You could achieve sync with FortiManager or FortiPortal(?)
Sorry, I know Fortigate is a NGFW, not a router. I usually tell router to any device connected to Internet, my fault.
The second one is a question?
Is it possible to synchronize web filter and app control profiles with FortiManager or FortiPortal? I dont know.
Thanks
Regards,
Damián
I am unsure if FortiPortal is the cloudbased version of FortiManager or not, hence the (?) for it.
Hey Damián,
you can synchronise webfilter overrides (and a lot of other configuration) with FortiManager - you could essentially do a default configuration with policies, security profiles like webfilter etc, and push that out to all FortiGates, so all of them would have essentially the same configuration (with some localization for the different IP subnets the FortiGates would be in, etc)
You can do some object sharing with Security Fabric setup; the root FortiGate in the Fabric would share its objects like addresses and security profiles with all downstream FortiGates, which could in turn use those objects as well (but each FortiGate would require manual configuration of policies etc; the objects would just already exist to be used in policies).
FortiPortal (or FortiPrivateCloud) is a larger-scale solution typically used in MSSP setups; it functions as a tie-in to FortiAnalyzer and FortiManager and provides individual logins/portals to an MSSP's customers so they have access to their own configuration/devices on their premises, and the MSSP has a complete overview of all FGTs/FMG/FAZ in their possession.
It could technically achieve the same, simply because it utilizes FortiManager itself, but unless you're an MSSP managing a lot of FortiGates and looking to provide access for all your customers to the FortiGates on their site (while retaining control/visibility of what the customers are doing) FortiPortal is probably not a solution for you.
Perfect explanation!!!
Thanks a lot!
Regards,
Damián
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.