I need to use someone to update signatures on Fortigate firewalls and not willing to give him super admin admin account. Is there any way to create an account with the minimum permissions just to be able to use execute restore ... command and update the firewall?
I cannot let some of my firewalls go through Internet. Therefore, to update some of their signatures like AV, IPS, I use offline files and execute restore command. I've written a simple script to connect via SSH, run the mentioned command and use an FTP address to find the files and update the firewall. This script uses superadmin user to SSH and run the commands which I'm not happy with. So, I need a more privileged account (not superadmin) to be able to SSH and only run some specific commands, specifically execute restore ...
I hope my elaboration of the problem has been clear.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.