Versions Compared

Version Old Version 9 New Version 10
Changes made by

Zach Robert

Sarah Nguyen (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • The top half is dedicated to the Policies for the ADOM that you're in. This is where you'll add new policies, or update old ones if need be.

  • The bottom half is dedicated to the Objects for the ADOM that you're in. In the bottom half, you can add (Create New) or edit (Edit) objects and services/ports


Info

Fortimanager differs slightly from the Fortigates in that the Fortimanager uses Policy Packages to manage the policies. Each ADOM has it's own specific Policy Package that contains all of the policies, objects, interfaces, etc. When making changes to policies and objects, you're updating the policy package that will be installed to the Firewall/VDOM.

Clicking Create New in either section will generate the screens shown below. Under Create New, you'll be able to setup your new policy or new object, the same way you normally would on the Fortinet firewalls.

...

  1. Click on Install along the top.

  2. Choose Re-install Policy (shown below).

    Tip
    iconfalse
    You should use

    Tip: Use Re-install Policy instead of the Install Wizard. Re-install Policy is quicker and only pushes the policy and object changes to the Firewall/VDOM, as opposed to the Install Wizard which will also push system changes, e.g. adding a new interface to the firewall.

  3. Confirm that you'd like to install the policy package. The following screen will display:
  4. At this point, some information about the installation will display.
    1. The Device column will show the Firewall & VDOM that the policy package is being installed to.
    2. The Policy Package column shows the current package being installed.
    3. The Validation column is arguably the most important of the three, as it will confirm that the package you're going to install is valid and doesn't contain any issues. You also have couple of installation options to choose from:
    4. Install Preview: The install preview generates the command line codes used by the Fortinet firewalls and shows you what the updated code will look like - this isn't particularly useful to most users, so it's recommended not to use this.

    5. Policy Package Diff: The more useful of the two options, Policy Package Diff lets you see the changes that will be implemented with the updated Policy Package, such as created/deleted/modified policies and objects.

      NoteBefore committing

      Note: Before committing the changes that you've made, it's always recommended to review them using Policy Package Diff. In the off chance that you made a change to an object or policy that you didn't mean to make, this will give you chance to take another look at the changes you made to verify that everything is correct.

  5. After reviewing your changes and confirming that everything is correct, click on Next, which will begin the installation. Depending on how many changes you've made, this process may take a minute or two. When the process is complete, the following screen will display, confirming the installation was successful.

...