Versions Compared

Version Old Version 9 New Version Current
Changes made by

Zach Robert

Nehal Gupta

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

With the Fortimanager, staff who manage Fortinet firewalls can assist in the transition of implementing policies.

Info

Fortimanager allows for easier management of our Fortinet Firewalls from a single location

, as well as providing

and provides future automation for Tufin.

Logging In

...

and Initial Screens

Upon logging in to the Fortimanager with your NetIDAdmin/Password, you 'll will be greeted with the 'Select “Select an ADOM' ADOM” screen. Here, you will see each ADOM that you have access to manage.

  1. Click the ADOM you

...

  1. would like to manage

...

  1. .

Image Removed

...

  1. adom optionsImage Added

    1. The Fortimanager is divided into individual ADOMs (Administrative Domains) for each VDOM (Virtual Domain) on each firewall.

      For example, the Waterbury firewall has 3 VDOMs:

      • PDFD

      • Server

      • Root
        Each of these VDOMs belongs to its own ADOM, as shown below.

...

      • Image Added

  2. After selecting the ADOM, you will be directed to the screen shown below. From here, you can choose to enter the Device Manager

...

  1. or what will more commonly be used

...

  1. Policy & Objects. Fabric View is not used; you can ignore it. 

...

  1. the options on the screen are device manager, policy and objects, and fabric viewImage Added
Info

In the top right corner, you 'll will see ADOM: FW-Waterbury-PDFD. This is the current ADOM you 're are in; clicking this will bring up the selection box, allowing you jump to another ADOM.

...

After choosing Policy & Objects in Fortimanager, the following screen will display.

  • The top half is dedicated to the Policies for the ADOM

    that

    you

    're

    are in. This is where you

    'll

    add new policies

    ,

    or update old ones

    if need be

    .

  • The bottom half is dedicated to the Objects for the ADOM

    that

    you

    're

    are in. In the bottom half, you can add (Create New) or edit (Edit) objects and services/ports.

    Image Removedimage-20250128-171700.pngImage Added

Info

Fortimanager differs slightly from

...

Fortigates in that

...

Fortimanager uses Policy Packages to manage the policies. Each ADOM has

...

its own specific Policy Package that contains all of the policies, objects, interfaces, etc. When making changes to policies and objects, you

...

are updating the policy package that will be installed to the Firewall/VDOM.

Clicking Create New in either section will generate the screens shown below. Under Create New, you 'll will be able to setup set up your new policy or new object , the same way you normally would on the Fortinet firewalls.Image Removed

...

Installing Policy/Object Changes

After you 've have made the changes you need to the policies/objects (highlighted below), you 'll need to install the updated Policy Package.

To start the process,

  1. Click on Install along the top.

  2. Choose Re-install Policy (shown below).

...

iconfalse

...

  1. image-20250128-171856.pngImage Added

    (tick) Tip: Use Re-install Policy instead of

...

  1. Install Wizard. Re-install Policy is quicker and only pushes the policy and object changes to the Firewall/VDOM, as opposed to the Install Wizard which

...

  1. also

...

  1. pushes system changes

...

  1. (e.g., adding a new interface to the firewall).

  2. Confirm that you

...

  1. would like to install the policy package. The following screen will display:

...

  1. image-20250128-171750.pngImage Added

  2. At this point, some information about the installation will display.

    1. The Device column

...

    1. shows the Firewall & VDOM that the policy package is being installed to.

    2. The Policy Package column shows the current package being installed.

    3. The Validation column is arguably the most important of the three, as it

...

    1. confirms that the package you

...

    1. are going to install is valid and

...

    1. does not contain any issues.

...

    1. There are a couple of installation options to choose from:

      1. Install Preview: The install preview generates the command line codes used by the Fortinet firewalls and shows you what the updated code will look like

...

      1. . This is not particularly useful to most users, so it

...

      1. is recommended not to use this.

      2. Policy Package Diff: The more useful of the two options, Policy Package Diff lets you see the changes that will be implemented with the updated Policy Package, such as created/deleted/modified policies and objects.

...

      1. image-20250128-171814.pngImage Added

        (warning) Note: Before committing the changes that you

...

      1. have made, it

...

      1. is always recommended to review them using Policy Package Diff. 

...

      1. This will give you chance to take another look at the changes you made to verify that everything is correct.

  2. After reviewing your changes and confirming that everything is correct,

...

  1. click Next to begin the installation. Depending on how many changes you

...

  1. have made, this process may take a minute or two. When the process is complete, the following screen will display, confirming the installation was successful.

...

  1. installed successfullyImage Added
Filter by label (Content by label)
showLabelsfalse
max

...

10
spacesIKB
showSpacefalse

...

...

typepage
cqllabel in ( "networking" , "it_security

...

" , "fortimanager" , "install" , "package" , "tufin" , "fortinet" ) and type = "page" and space = "IKB

...

"
labelsnetworking
Page Properties
hiddentrue


Related issues