FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description The article explains the best practices for Interface monitoring (port monitoring) in FGCP high availability.
Solution Fortinet suggests the following practices related to interface monitoring (also called port monitoring): - Wait until a cluster is up and running and all interfaces are connected before enabling interface monitoring.
A monitored interface can easily become disconnected during initial setup and cause failovers to occur before the cluster is fully configured and tested. - Monitor interfaces connected to networks that process high priority traffic so that the cluster maintains connections to these networks if a failure occurs. - Avoid configuring interface monitoring for all interfaces. - Supplement interface monitoring with remote link failover.
Configure remote link failover to maintain packet flow if a link not directly connected to a cluster unit (for example, between a switch connected to a cluster interface and the network) fails.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.