...
| Info |
|---|
In the top right corner, you'll see ADOM: FW-Waterbury-PDFD. This is the current ADOM you're in; clicking this will bring up the selection box, allowing you jump to another ADOM. |
Policy & Object View
After choosing Policy & Objects in Fortimanager, you'll be greeted with the following screen. The top half is dedicated to the Policies for the ADOM that you're in - here is where you'll add new policies, or update old ones if need be. The bottom half is dedicated to the Objects for the ADOM that you're in - here you can add (Create New) or edit (Edit) objects and services/ports.
| Info |
|---|
Fortimanager differs slightly from the Fortigates in that the Fortimanager uses Policy Packages to manage the policies. Each ADOM has it's own specific Policy Package that contains all of the policies, objects, interfaces, etc. When making changes to policies and objects, you're updating the policy package that will be installed to the Firewall/VDOM. |
Clicking Create New in either section will bring up the screens below. Here you'll be able to setup your new policy or new object, the same way you normally would on the Fortinet firewalls.
Installing Policy/Object Changes
After you've made the changes you need to the policies/objects (highlighted below), you'll need to install the updated Policy Package. To start the process, click on Install along the top, and choose Re-install Policy (illustrated below).
| Note | ||
|---|---|---|
| ||
It is recommended to use Re-install Policy instead of the Install Wizard, as Re-install Policy is quicker and only pushes the policy and object changes to the Firewall/VDOM, as opposed to the Install Wizard which will also push system changes, e.g. adding a new interface to the firewall. |
You'll be asked to confirm that you'd like to install the policy package - after doing so, you'll be greeted with the following screen:
Here you'll see some information about the installation. The Device column will show the Firewall & VDOM that the policy package is being installed to. The Policy Package column shows the current package being installed. The Validation column is arguably the most important of the three, as it will confirm that the package you're going to install is valid and doesn't contain any issues. You also have couple of options to choose from:
- Install Preview - The install preview generates the command line codes used by the Fortinet firewalls and shows you what the updated code will look like - this isn't particularly useful to most users, so it's recommended not to use this.
- Policy Package Diff - The more useful of the two options, Policy Package Diff lets you see the changes that will be implemented with the updated Policy Package, such as created/deleted/modified policies and objects.
| Note |
|---|
Before committing the changes that you've made, it's always recommended to review them using Policy Package Diff. In the off-hand chance that you made a change to an object or policy that you didn't mean to, this will give you a second look at the changes you made to verify that everything is correct. |
After reviewing your changes and confirming that everything is correct, click on Next, which will begin the installation. Depending on how many changes you've made this process can take a minute or two, but when complete you'll be greeted with the following screen confirming the installation was successful.
Related Articles
| Filter by label (Content by label) | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...