This document provides an overview of the FortiManager system including key features, documentation resources, and basic configuration instructions. It summarizes the new features introduced in version 4.0 MR3 including improvements to global policies, administrative domains, installation wizards, policy usability, FortiToken support, management models, licensing, and the web-based manager. It also describes the FortiManager management module and its role in centrally managing FortiGate devices and their configurations.
The session with highlight Intel’s vision for IoT Security and the fundamental building blocks and capabilities Intel and the ecosystem are providing to organizations to build security in from design through deployment and maintenance.
The session with highlight Intel’s vision for IoT Security and the fundamental building blocks and capabilities Intel and the ecosystem are providing to organizations to build security in from design through deployment and maintenance.
Identity for IoT: An Authentication Framework for the IoTAllSeen Alliance
John Bradley, Ping Identity, gave this presentation at the AllSeen Alliance's Partner Programme at Mobile World Congress 2015.
About Ping Identity: Ping Identity provides next-generation identity security solutions. With more than 1,200 enterprise customers worldwide, including half of the Fortune 100, Ping Identity delivers professional-grade identity security solutions that meet the needs of organizations managing workforce, customer, and partner identities. Identity at Internet scale is a concept that will be required as the industry builds services that encompass billions of connected devices and identities.
IOT Security. Internet of Things impact is everywhere from your bedroom to office. Everyone should be aware about iot security to run it without any hassle and security risk.
Why you should take IOT security training course ?
Learn about risks of unsecured enterprise and home IoT devices connecting to the Internet and able to share the information they generate.
Iot security training covers these topics :
Device and platform vulnerabilities,
Authentication and authorization,
Web interface and software,
Transport encryption,
Management issues,
Privacy and security enhancements and other iot issues
Iot and security risks :
Most serious IoT security risks involve software. Software attacks can exploit entire systems, steal information, alter data, deny service and compromise or damage devices.
In a phishing attack, for example, Attackers also use malware, such as viruses, worms and Trojans, to damage or delete data, steal information, monitor users and disrupt key system functions.
Learn about:
IoT Principles
Principles of IoT Security
IoT Attack Areas
IoT Vulnerabilities
IoT Firmware Analysis
IoT Software Weaknesses
IoT Security Verification, Validation
Assessing IoT devices attack surfaces
Evaluation of IoT device firmware analysis, attack surface, vulnerabilities and exploiting the vulnerabilities
Request more information.
Visit tonex.com for iot security training course and workshop detail.
https://www.tonex.com/training-courses/iot-security-training-iot-security-awareness/
Intermediate: 5G Applications Architecture - A look at Application Functions ...3G4G
In this tutorial we look at the 5G Applications architecture. We discuss 5G applications, application functions and application servers and how they fit together in a 5G Service Based Architecture
All our #3G4G5G slides and videos are available at:
Videos: https://www.youtube.com/3G4G5G
Slides: https://www.slideshare.net/3G4GLtd
5G Page: https://www.3g4g.co.uk/5G/
Free Training Videos: https://www.3g4g.co.uk/Training/
The IoT is here to stay. As with any other trend in the history of computer software, it’s starting to produce a new generation of cloud platforms. This tech talk will identify and explain what to look for when evaluating an IoT cloud platform to ensure a successful deployment of IoT strategies.
IoT Security: Problems, Challenges and SolutionsLiwei Ren任力偉
As a novel computing platform in network, IoT will bring many security challenges to enterprise networks, and create new opportunities for security industry. This talk will provide a general overview of enterprise network security problems, especially the data security, caused by IoT. After that, a few existing security technologies are evaluated as necessary elements of a holistic network security that cover IoT devices. These technologies include : (a) IoT security monitoring and control; (b) FOTA for firmware vulnerability management; (c) NetFlow based big data security analysis. In the end, the practice of standard security protocols (such as OpenIoC and IODEF) will be strongly advocated for delivering effective IoT security solutions.
A
PROJECT REPORT
On
CISCO CERTIFIED NETWORK ASSOCIATE
A computer network, or simply a network, is a collection of computer and other hardware components interconnected by communication channels that allow sharing of resources and information. Where at least one process in one device is able to send/receive data to/from at least one process residing in a remote device, then the two devices are said to be in a network. Simply, more than one computer interconnected through a communication medium for information interchange is called a computer network.
This presentation gives a high level view of Internet of Things and where it stands today. It also contains a slide on how a Temperature Logger was built out using Arduino, Python and the Google Cloud Platform.
Deploying new WAN services can take a long time and require a significant up-front capital investment. The software-defined nature of SD-WAN enables service agility, rapid rollout, and instant-on WAN that the Service Provider can immediately benefit from. This accelerates the time to market and time to revenue.
The convergence of IoT and Quantum ComputingAhmed Banafa
One of the top candidates to help in securing IoT is Quantum Computing, while the idea of convergence of IoT and Quantum Computing is not a new topic, it was discussed in many works of literature and covered by various researchers, but nothing is close to practical applications so far.
Quantum Computing is not ready yet, it is years away from deployment on a commercial scale.
We did not predict the Internet, the Web, social networking, Facebook, Twitter, millions of apps for smart-phones, etc. New research problems arise due to the large scale of devices, the connection of the physical and cyber worlds, the openness of the systems of systems, and continuing problems of privacy and security. It is hoped that there is more cooperation between the research communities in order to solve the myriad of problems sooner as well as to avoid re-inventing the wheel when a particular community solves a problem.
Identity for IoT: An Authentication Framework for the IoTAllSeen Alliance
John Bradley, Ping Identity, gave this presentation at the AllSeen Alliance's Partner Programme at Mobile World Congress 2015.
About Ping Identity: Ping Identity provides next-generation identity security solutions. With more than 1,200 enterprise customers worldwide, including half of the Fortune 100, Ping Identity delivers professional-grade identity security solutions that meet the needs of organizations managing workforce, customer, and partner identities. Identity at Internet scale is a concept that will be required as the industry builds services that encompass billions of connected devices and identities.
IOT Security. Internet of Things impact is everywhere from your bedroom to office. Everyone should be aware about iot security to run it without any hassle and security risk.
Why you should take IOT security training course ?
Learn about risks of unsecured enterprise and home IoT devices connecting to the Internet and able to share the information they generate.
Iot security training covers these topics :
Device and platform vulnerabilities,
Authentication and authorization,
Web interface and software,
Transport encryption,
Management issues,
Privacy and security enhancements and other iot issues
Iot and security risks :
Most serious IoT security risks involve software. Software attacks can exploit entire systems, steal information, alter data, deny service and compromise or damage devices.
In a phishing attack, for example, Attackers also use malware, such as viruses, worms and Trojans, to damage or delete data, steal information, monitor users and disrupt key system functions.
Learn about:
IoT Principles
Principles of IoT Security
IoT Attack Areas
IoT Vulnerabilities
IoT Firmware Analysis
IoT Software Weaknesses
IoT Security Verification, Validation
Assessing IoT devices attack surfaces
Evaluation of IoT device firmware analysis, attack surface, vulnerabilities and exploiting the vulnerabilities
Request more information.
Visit tonex.com for iot security training course and workshop detail.
https://www.tonex.com/training-courses/iot-security-training-iot-security-awareness/
Intermediate: 5G Applications Architecture - A look at Application Functions ...3G4G
In this tutorial we look at the 5G Applications architecture. We discuss 5G applications, application functions and application servers and how they fit together in a 5G Service Based Architecture
All our #3G4G5G slides and videos are available at:
Videos: https://www.youtube.com/3G4G5G
Slides: https://www.slideshare.net/3G4GLtd
5G Page: https://www.3g4g.co.uk/5G/
Free Training Videos: https://www.3g4g.co.uk/Training/
The IoT is here to stay. As with any other trend in the history of computer software, it’s starting to produce a new generation of cloud platforms. This tech talk will identify and explain what to look for when evaluating an IoT cloud platform to ensure a successful deployment of IoT strategies.
IoT Security: Problems, Challenges and SolutionsLiwei Ren任力偉
As a novel computing platform in network, IoT will bring many security challenges to enterprise networks, and create new opportunities for security industry. This talk will provide a general overview of enterprise network security problems, especially the data security, caused by IoT. After that, a few existing security technologies are evaluated as necessary elements of a holistic network security that cover IoT devices. These technologies include : (a) IoT security monitoring and control; (b) FOTA for firmware vulnerability management; (c) NetFlow based big data security analysis. In the end, the practice of standard security protocols (such as OpenIoC and IODEF) will be strongly advocated for delivering effective IoT security solutions.
A
PROJECT REPORT
On
CISCO CERTIFIED NETWORK ASSOCIATE
A computer network, or simply a network, is a collection of computer and other hardware components interconnected by communication channels that allow sharing of resources and information. Where at least one process in one device is able to send/receive data to/from at least one process residing in a remote device, then the two devices are said to be in a network. Simply, more than one computer interconnected through a communication medium for information interchange is called a computer network.
This presentation gives a high level view of Internet of Things and where it stands today. It also contains a slide on how a Temperature Logger was built out using Arduino, Python and the Google Cloud Platform.
Deploying new WAN services can take a long time and require a significant up-front capital investment. The software-defined nature of SD-WAN enables service agility, rapid rollout, and instant-on WAN that the Service Provider can immediately benefit from. This accelerates the time to market and time to revenue.
The convergence of IoT and Quantum ComputingAhmed Banafa
One of the top candidates to help in securing IoT is Quantum Computing, while the idea of convergence of IoT and Quantum Computing is not a new topic, it was discussed in many works of literature and covered by various researchers, but nothing is close to practical applications so far.
Quantum Computing is not ready yet, it is years away from deployment on a commercial scale.
We did not predict the Internet, the Web, social networking, Facebook, Twitter, millions of apps for smart-phones, etc. New research problems arise due to the large scale of devices, the connection of the physical and cyber worlds, the openness of the systems of systems, and continuing problems of privacy and security. It is hoped that there is more cooperation between the research communities in order to solve the myriad of problems sooner as well as to avoid re-inventing the wheel when a particular community solves a problem.
Formation complète ici:
http://www.alphorm.com/tutoriel/formation-en-ligne-vmware-workstation-11
Avec cette formation VMware Workstation, vous allez découvrir le système de virtualisation phare pour les postes de travail personnel, VMware Workstation 11.
Cette formation pratique vous permettra d’acquérir les connaissances et compétences pour installer, gérer et maîtriser l’environnement VMware Workstation.
De la création à la gestion des machines virtuelles. Vous maîtriserez aussi le partage des machines virtuelles et leur sécurité. Vous comprendrez en détail les méthodes de connexions réseau de vos machines virtuelles.
Un Bonus vous ai offert: un lab réseau Cisco avec GNS3 pour connecter vos machines virtuelles !!
Aucune connaissances des outils de virtualisation n’est requise, toutefois une connaissance de base des systèmes d’exploitation Windows et Linux est un plus.
Une connaissance de base des réseaux TCP/IP est également un plus pour appréhender rapidement les aspects réseaux.
Alphorm.com Support de la Formation VMware vSphere 6 - Clustering HA, DRS et ...Alphorm
Formation complète ici:
http://www.alphorm.com/tutoriel/formation-en-ligne-vmware-vsphere-6-clustering-ha-drs-et-sdrs
Votre vExpert Fouad EL AKKAD continue toujours avec le produit vSphere 6, après avoir étudié, expliqué mis en place un environnement complet de virtualisation vSphere 6. Nous pouvons à la suite de cette série complète vSphere 6, poser LES fonctionnalités avancées et libérer toute la puissance d'un cluster ESXi.
La haute disponibilité, l'éradication des SPOF "Single Point Of Fail" sont les enjeux premiers des services informatique, afin de répondre au mieux aux besoins métiers. Cette formation vous donnera toutes les clefs pour mettre en place une infrastructure de qualité et de haute disponibilité
A la suite de cette formation, les interruptions de services de votre infrastructures ne seront que de mauvais souvenirs.
Formation complète ici:
http://www.alphorm.com/tutoriel/formation-en-ligne-lxc
LXC "Linux Containers" est une solution puissante de virtualisation basée sur les conteneurs.
LXC permet de créer des conteneurs Linux sécurisés et isolés sur un «petit» serveur physique permettant une meilleure utilisation des serveurs et assurant que les applications ne soient pas en conflit.
Dans cette formation vous allez apprendre comment installer, configurer, déployer et administrer au quotidien un environnement virtualisé par conteneurs sous LXC et LXD.
Ludovic vous guidera dans la compréhension et la mise en place des concepts avancés de LXC : vous allez découvrir des fonctionnalités avancées du noyau Linux comme les espaces de noms et les groupes de contrôle Linux.
Aussi vous apprendrez à connecter vos conteneurs avec différents modèles réseau (Veth, Bridge, MacVlan et OpenVswitch). En plus, vous étudierez la gestion du stockage avec les systèmes de fichiers (LVM, BRFS et ZFS).
Vous pourrez administrer des serveurs locaux et distants, des serveurs d’images et vous maîtriserez la gestion quotidienne de vos conteneurs avec les snapshots, le clonage, la migration, mais également la gestion des ressources.
Comme à son habitude, Ludovic partagera avec vous toutes les astuces et bonnes pratiques avec plein de travaux pratiques.
Alphorm.com Support de la formation Vmware Esxi 6.0Alphorm
Formation complète ici :
http://www.alphorm.com/tutoriel/formation-en-ligne-vmware-esxi-6
L'hyperviseur VMware ESXi 6 est la solution GRATUITE de virtualisation des serveurs la plus aboutie et répandue dans le monde de la virtualisation. Avec VMware ESXi 6 vous pouvez ainsi consolider vos applications sur moins de matériel.
Cette formation VMware ESXi 6 vous donnera toutes les clefs afin d'obtenir des bases solides sur l'installation et la gestion d'un Hyperviseur VMware ESXi 6. Mais aussi sur sa mise en place dans le monde complexe et hétérogène du DataCenter.
Durant cette formation VMware ESXi 6, votre formateur vExpert Fouad EL AKKAD, vous montrera comment installer et configurer un VMware ESXi 6, créer, installer et configurer des machines virtuelles, installer des VMware tools, configurer la délégation et sécuriser votre hyperviseur VMware ESXi 6, et enfin mettre à jour et à niveau vos serveurs VMware ESXi 6.
Après cette formation, VMware ESXi 6 n’aura plus de secret pour vous.
D’autres formations sur VMware vSphere 6, vCenter 6, Update Manager 6 sont en cours de réalisation.
Bienvenue dans le monde de la virtualisation des serveurs sous formation VMware ESXi 6.
Formation complète ici:
http://www.alphorm.com/tutoriel/formation-en-ligne-certified-ethical-hacker-v9-2-4-reussir-ceh-v9
Faisant suite à la première formation CEH, votre MVP Hamza KONDAH vous a préparé la deuxième partie afin d’approfondir vos connaissances au monde en matière de piratage éthique.
Avec cette formation CEH vous allez découvrir plus de 270 attaques techniques et plus de 140 labs, avec un accès à plus de 2200 outils de piratages.
Dans cette formation CEH, vous allez comprendre le concept des trojan, Metasploit, des virus, et de Ver.
Pendant cette formation CEH, Hamza vous apprendra le sniffing et le Social Engineering.
Et aussi les contremesures avec DoS/DDoS.
La formation complète est disponible ici:
http://www.alphorm.com/tutoriel/formation-en-ligne-vmware-vsphere-5
VMware a dominé depuis longtemps le marché de la virtualisation des serveurs. Cette formation explore l'installation, la configuration et la gestion de VMware vSphere 5, qui se compose de VMware ESXi et VMware vCenter Server en ces deux versions Windows et Appliance.
Vous allez découvrir toutes les fonctionnalités de cette suite : ESXi, vCenter/vCSA, Machines virtuelles, Web client, réseaux virtuels, vDS, Stockage SAN/NAS/iSCSI/FC, SIOC/NIOC, vMotion/svMotion, clonage/template, hot add/hot plug, DRS/SDRS, HA, alarmes, délégation...
Durant cette formation, vous allez acquérir des compétences critiques pour votre carrière en virtualisation sur le terrain.
MetaFabric™ Architecture Virtualized Data Center: Design and Implementation G...Juniper Networks
The benefits of virtualization are driving data center operators to rethink their legacy data center networks and look for new ways to reduce costs and improve efficiency in the data center. Moving from a legacy network to a state-of-the-art solution allows you to deploy new applications in seconds rather than days, weeks, or months. If you want to harness the power of virtualization in your data center network, this guide will help you to achieve your goal.
This EMC Engineering TechBook provides insight and understanding of some options available for managing your data center connectivity, including information on some new software management tools developed to bridge the gap in the I/O consolidation environment.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
3. Table of Contents
Change Log ............................................................................................ 16
Introduction ............................................................................................ 17
About this document ...................................................................................... 17
FortiManager documentation ......................................................................... 19
What’s New in v4.0 MR3........................................................................ 20
Global Policy improvements........................................................................... 20
Administrative Domain (ADOM) ...................................................................... 21
Install Wizard/Import Wizard........................................................................... 21
Policy usability ................................................................................................ 22
FortiToken support ......................................................................................... 22
Management model........................................................................................ 22
FortiManager VM licensing changes .............................................................. 23
Web-based Manager changes ....................................................................... 23
User Workspaces ........................................................................................... 24
Search improvements..................................................................................... 24
Improvements to Device Manager.................................................................. 24
Firewall Policies Consistency Check .............................................................. 24
Java Client for Windows ................................................................................. 25
IPv6 support ................................................................................................... 25
Audit logging................................................................................................... 25
FortiGate to FortiManager Protocol................................................................ 25
FortiMail support............................................................................................. 25
High Availability improvements ...................................................................... 25
SNMPv3 support added ................................................................................. 26
Additional XML API extensions....................................................................... 26
Fortinet Management Theory ............................................................... 27
Key features of the FortiManager system....................................................... 27
Configuration Revision Control and Tracking ........................................... 27
Centralized Management.......................................................................... 27
Administrative Domains ............................................................................ 27
Local FortiGuard Service Provisioning ..................................................... 27
Firmware Management ............................................................................. 27
Scripting.................................................................................................... 27
FortiClient Management ........................................................................... 27
Fortinet Device Lifecycle Management .................................................... 28
Inside the FortiManager system ..................................................................... 28
Inside the FortiManager Management Module......................................... 30
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 3
http://docs.fortinet.com/ • Feedback
4. Table of Contents
Using the Web-based Manager............................................................ 32
System requirements...................................................................................... 32
Connecting to the Web-based Manager ........................................................ 32
Web-based Manager overview....................................................................... 33
Viewing the Web-based Manager............................................................. 33
Using the main tool bar............................................................................. 34
Using the tab bar ...................................................................................... 34
Using the navigation pane ........................................................................ 35
Configuring Web-based Manager settings..................................................... 35
Changing the Web-based Manager language .......................................... 35
Changing administrative access to your FortiManager system................ 36
Changing the Web-based Manager idle timeout...................................... 36
Reboot and shutdown of the FortiManager unit............................................. 37
Administrative Domains ........................................................................ 38
Enabling and disabling the ADOM feature ..................................................... 38
About ADOM modes....................................................................................... 39
Switching between ADOMs ...................................................................... 40
Normal mode ADOMs............................................................................... 40
Backup mode ADOMs .............................................................................. 40
Managing ADOMs .......................................................................................... 41
Concurrent ADOM access ........................................................................ 42
Adding an ADOM ...................................................................................... 42
Deleting an ADOM .................................................................................... 44
Assigning devices to an ADOM ................................................................ 44
Assigning administrators to an ADOM...................................................... 45
Viewing ADOM assignments .......................................................................... 45
Viewing ADOM properties ........................................................................ 46
System Settings ..................................................................................... 47
Viewing the system status .............................................................................. 48
Customizing the Dashboard ..................................................................... 49
Viewing System Information ..................................................................... 51
Viewing System Resource Information ..................................................... 52
Viewing the Device Summary ................................................................... 54
Viewing License Information ..................................................................... 54
Viewing Unit Operation ............................................................................. 55
Viewing RAID status ................................................................................. 55
Viewing Alert Messages............................................................................ 56
Using the CLI Console widget .................................................................. 58
Configuring General settings .......................................................................... 58
Changing the host name........................................................................... 59
Configuring the system time ..................................................................... 60
Updating the system firmware.................................................................. 61
Backing up and restoring the system ....................................................... 62
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 4
http://docs.fortinet.com/ • Feedback
5. Table of Contents
Configuring RAID ...................................................................................... 65
Configuring Network settings ................................................................... 68
Managing Certificates ............................................................................... 73
Configuring High Availability ..................................................................... 75
Managing administrators ................................................................................ 77
Monitoring administrator sessions............................................................ 77
Configuring administrator accounts ......................................................... 78
Managing administrator access................................................................ 82
Managing remote authentication servers ................................................. 86
Configuring global admin settings ............................................................ 91
Managing FortiGuard Services ....................................................................... 93
Configuring FortiGuard services ............................................................... 94
Configuring FortiGuard updates ............................................................... 95
Managing firmware images....................................................................... 96
Viewing local event logs ................................................................................. 96
Configuring Advanced Settings ...................................................................... 97
Configuring SNMP .................................................................................... 97
Configuring metadata requirements ....................................................... 104
Configuring advanced settings ............................................................... 107
Alerts....................................................................................................... 108
Device Log .............................................................................................. 112
Using FortiManager Wizards .............................................................. 115
Using the Add Device Wizard ....................................................................... 115
Launching the Add Device Wizard.......................................................... 115
Importing a device .................................................................................. 119
Adding a Device...................................................................................... 125
Using the Install Wizard ................................................................................ 130
Launching the Install Wizard................................................................... 130
Installing a Policy Package ..................................................................... 130
Installing Device Settings........................................................................ 135
Overview of the Add Device Wizard ....................................................... 138
Device Management............................................................................ 140
Device Manager overview............................................................................. 140
Viewing device summaries ........................................................................... 140
Viewing managed devices ...................................................................... 140
Viewing a single device........................................................................... 142
Using list filters........................................................................................ 145
Managing devices......................................................................................... 147
Adding a device ...................................................................................... 147
Replacing a managed device ................................................................. 147
Deleting a device .................................................................................... 148
Editing device information ...................................................................... 148
Refreshing a device ................................................................................ 150
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 5
http://docs.fortinet.com/ • Feedback
6. Table of Contents
Importing policies to a device................................................................. 150
Importing and exporting devices ............................................................ 150
Setting unregistered device options ....................................................... 155
Configuring devices ...................................................................................... 155
Configuring a device ............................................................................... 156
Configuring virtual domains (VDOMs)..................................................... 157
Working with device groups ......................................................................... 161
Adding a device group............................................................................ 161
Deleting a device group .......................................................................... 162
Editing device group information............................................................ 162
Viewing the device group summary........................................................ 162
Managing FortiGate chassis devices............................................................ 163
Viewing chassis dashboard .................................................................... 165
Using the CLI console for managed devices................................................ 169
Policies and Objects............................................................................ 170
About Policies............................................................................................... 170
Policy Theory .......................................................................................... 171
Policy Workflow ............................................................................................ 173
Provisioning New Devices ...................................................................... 173
Day-to-Day Management of Devices...................................................... 173
Managing policy packages ........................................................................... 173
Create a new policy package or folder ................................................... 173
Remove a policy package or folder ........................................................ 174
Rename a policy package or folder ........................................................ 174
Install a policy package .......................................................................... 174
Perform a policy consistency check....................................................... 175
About Objects and Dynamic Objects ........................................................... 177
Managing Objects and Dynamic Objects ..................................................... 178
Create a new object or group ................................................................. 178
Remove an object or group .................................................................... 179
Edit an object or group ........................................................................... 179
Clone an object or group ........................................................................ 179
Search where an object or group is used............................................... 179
Search objects ........................................................................................ 180
FortiToken configuration example .......................................................... 180
VPN Console ........................................................................................ 182
Configuring a VPN ........................................................................................ 183
Enable or disable VPN consoles............................................................. 183
Create a firewall address ........................................................................ 183
Create a VPN configuration .................................................................... 183
Add a VPN gateway ................................................................................ 189
Create VPN firewall policies.................................................................... 191
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 6
http://docs.fortinet.com/ • Feedback
7. Table of Contents
Installing Device Configurations ........................................................ 192
Checking device configuration status .......................................................... 192
Managing configuration revision history....................................................... 193
Downloading and importing a configuration file ..................................... 195
Comparing different configuration files .................................................. 195
Advanced Features.............................................................................. 197
About Global Policies and Objects............................................................... 197
Assigning Global Policies to ADOMs............................................................ 198
Searching for Global Objects content .......................................................... 198
IP address search rules .......................................................................... 200
Configuring Web Portals............................................................................... 203
Creating a web portal ............................................................................. 204
Configuring the web portal profile .......................................................... 205
Creating a portal user account ............................................................... 208
External users ......................................................................................... 209
Using the web portal............................................................................... 210
Application Program Interfaces ......................................................... 211
XML API ........................................................................................................ 211
Connecting to FortiManager Web Services............................................ 211
Web Portal Service Development Kit (SDK) ................................................. 212
Java-based Administration Client ...................................................... 213
System requirements.................................................................................... 213
Installing and logging in to the Java-based client ........................................ 213
Java-based manager overview..................................................................... 214
Using the main tool bar........................................................................... 215
Using the navigation pane ...................................................................... 215
Using the content pane........................................................................... 215
Java-based manager features ...................................................................... 216
Drag and drop......................................................................................... 216
Tabs ........................................................................................................ 216
Improved adding and editing windows................................................... 217
Working with Scripts ........................................................................... 218
Device View .................................................................................................. 218
Individual device view ............................................................................. 218
Scheduling a script ................................................................................. 220
Script View.................................................................................................... 221
Creating or editing a script ..................................................................... 222
Cloning a script....................................................................................... 223
Exporting a script.................................................................................... 224
Script Samples ............................................................................................. 224
CLI scripts............................................................................................... 225
Tcl scripts ............................................................................................... 230
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 7
http://docs.fortinet.com/ • Feedback
8. Table of Contents
FortiGuard Services ............................................................................ 247
FortiGuard Center ......................................................................................... 248
Connecting the built-in FDS to the FDN ................................................. 253
Configuring devices to use the built-in FDS ................................................. 254
Matching port settings............................................................................ 254
Handling connection attempts from unregistered devices..................... 254
Configuring FortiGuard services in the FortiGuard Center ........................... 255
Enabling push updates ........................................................................... 255
Enabling updates through a web proxy.................................................. 256
Overriding default IP addresses and ports ............................................. 257
Scheduling updates ................................................................................ 257
Accessing public FortiGuard Web Filtering and Email Filter servers...... 258
Viewing FortiGuard services from devices and groups ................................ 260
FortiGuard AntiVirus and IPS Statistics for a device .............................. 261
Web Filter Category Detail ...................................................................... 261
FortiGuard Web Filter and Email Filter Statistics .................................... 262
License Information ................................................................................ 262
Device History......................................................................................... 264
Logging events related to FortiGuard services............................................. 264
Logging FortiGuard AntiVirus and IPS updates...................................... 264
Logging FortiGuard Web Filtering or Email Filter events ........................ 265
Viewing service update log events ......................................................... 266
Restoring the URL or Antispam database .................................................... 267
Firmware and Revision Control .......................................................... 268
Viewing a device or group’s firmware........................................................... 268
Downloading firmware images ..................................................................... 271
Installing firmware images ............................................................................ 273
Real-Time Monitor ............................................................................... 274
RTM monitoring ............................................................................................ 274
RTM Dashboards.................................................................................... 274
FortiManager system alerts .......................................................................... 277
Alerts event ............................................................................................. 277
Configuring alerts.................................................................................... 279
Alert console ........................................................................................... 284
Device Log .................................................................................................... 285
Device log setting ................................................................................... 285
Device log access................................................................................... 286
FortiClient Manager............................................................................. 287
FortiClient Manager maximum managed agents ......................................... 287
About FortiClient Manager clustering ........................................................... 288
FortiClient Manager window......................................................................... 288
Main Menu Bar........................................................................................ 289
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 8
http://docs.fortinet.com/ • Feedback
9. Table of Contents
Navigation Pane...................................................................................... 289
Client Group Tree.................................................................................... 291
FortiClient menu...................................................................................... 291
Message Center............................................................................................ 292
Dashboard .............................................................................................. 292
Management Event................................................................................. 293
Client Alert .............................................................................................. 294
Working with Clients (FortiClient agents)...................................................... 296
Viewing the clients lists........................................................................... 296
Filtering the clients list ............................................................................ 298
Searching for FortiClient agents ............................................................. 298
Adding or removing temporary clients.................................................... 299
Removing or relicensing unlicensed clients............................................ 300
Deploying licenses to Standard (Free) Edition clients ............................ 301
Deleting FortiClient agents ..................................................................... 301
Working with FortiClient groups ................................................................... 302
Overview of client groups ....................................................................... 302
Viewing FortiClient groups...................................................................... 303
Adding a FortiClient agent group............................................................ 303
Deleting a FortiClient agent group .......................................................... 304
Editing a FortiClient agent group ............................................................ 304
Viewing group summaries ...................................................................... 304
Configuring settings for client groups..................................................... 305
Managing client configurations and software............................................... 306
Deploying FortiClient agent configurations ............................................ 306
Retrieving a FortiClient agent configuration ........................................... 307
Working with FortiClient software upgrades .......................................... 308
FortiClient license keys ........................................................................... 309
Working with Web Filter profiles................................................................... 310
About Web Filtering ................................................................................ 310
Viewing and editing Web Filter profiles .................................................. 311
Configuring a Web Filter profile .............................................................. 311
Configuring FortiClient Manager system settings ........................................ 312
Configuring FortiClient Manager clustering .................................................. 313
Configuring FortiClient Manager cluster members................................. 313
Configuring email alerts ................................................................................ 314
Configuring LDAP for Web Filtering.............................................................. 315
Configuring LDAP settings...................................................................... 315
Configuring an LDAP server ................................................................... 315
Working with Windows AD users and groups ........................................ 316
Active Directory Organizational Units Grouping ..................................... 317
Configuring FortiClient group-based administration .................................... 319
Assigning group administrators .............................................................. 320
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 9
http://docs.fortinet.com/ • Feedback
10. Table of Contents
Configuring enterprise license management ................................................ 320
Configuring an enterprise license ........................................................... 321
Creating a customized FortiClient installer ............................................. 322
Configuring FortiClient agent settings .......................................................... 322
Viewing system status of a FortiClient agent.......................................... 323
Configuring system settings of a FortiClient agent................................. 325
Adding trusted FortiManager units to a FortiClient agent ...................... 327
Managing pending actions for a FortiClient agent.................................. 328
Configuring the log settings of a FortiClient agent ................................. 329
Configuring Lockdown Settings ............................................................. 330
Configuring the VPN settings of a FortiClient agent ............................... 330
Configuring a VPN security policy on a FortiClient agent....................... 331
Configuring VPN options of a FortiClient agent...................................... 331
Configuring WAN Optimization settings of a FortiClient agent .............. 332
Configuring AntiVirus settings on a FortiClient agent ............................. 333
AntiVirus scans ....................................................................................... 334
Configuring AntiVirus options ................................................................. 335
Viewing the firewall monitor of a FortiClient agent ................................. 340
Creating firewall policies on a FortiClient agent ..................................... 341
Configuring firewall addresses on a FortiClient agent ............................ 343
Configuring firewall address groups on a FortiClient agent ................... 344
Defining firewall applications on a FortiClient agent............................... 345
Defining firewall protocols on a FortiClient agent................................... 346
Configuring firewall protocol groups on a FortiClient agent ................... 347
Configuring firewall schedules on a FortiClient agent ............................ 348
Configuring firewall schedule groups ..................................................... 349
Configuring trusted IPs exempted from intrusion detection................... 349
Configuring ping servers for a FortiClient agent firewall......................... 350
Setting the firewall options of a FortiClient agent................................... 350
Selecting a Web Filter profile for a FortiClient agent .............................. 352
Configuring Web Filter options on a FortiClient agent ........................... 353
Configuring Email Filter settings on a FortiClient agent ......................... 354
Configuring Email Filter options.............................................................. 355
Configuring anti-leak options on a FortiClient agent .............................. 356
High Availability.................................................................................... 357
HA overview.................................................................................................. 357
Synchronizing the FortiManager configuration and HA heartbeat ......... 358
If the primary unit or a backup unit fails ................................................. 358
FortiManager HA cluster startup steps................................................... 359
Configuring HA options ................................................................................ 359
General FortiManager HA configuration steps ....................................... 361
Web-based Manager configuration steps .............................................. 362
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 10
http://docs.fortinet.com/ • Feedback
11. Table of Contents
Monitoring HA status .................................................................................... 364
Upgrading the FortiManager firmware for an operating cluster ................... 365
FortiManager Firmware ...................................................................... 366
Introduction to FortiManager OS v4.0 Major Release 3 ............................... 366
Cautions and Limitations .............................................................................. 366
Limitations............................................................................................... 367
Upgrade Information..................................................................................... 368
Upgrading from FortiManager v4.0 MR2 ................................................ 368
Upgrading from FortiManager v4.0 MR3 ................................................ 369
Upgrading from FortiManager Beta release ........................................... 370
Upgrading FortiManager firmware for a cluster...................................... 370
Downgrading FortiManager .................................................................... 370
FortiManager Best Practices ........................................................................ 370
Appendix A ............................................................................................ 371
Product Life Cycle Information ..................................................................... 371
Software Support Policy............................................................................... 371
Appendix B ............................................................................................ 372
FortiManager-VM System Requirements ..................................................... 372
FortiManager-VM Licence Enhancements ................................................... 372
Index ......................................................................................................373
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 11
http://docs.fortinet.com/ • Feedback
12. Table of Figures
FortiManager conceptual diagram .................................................................. 28
Management module....................................................................................... 30
Default FortiManager Configuration window ................................................... 33
Main tool bar.................................................................................................... 34
Unit operation actions in the Web-based Manager......................................... 37
Enabling ADOMs ............................................................................................. 39
Backup mode ADOM device revision history .................................................. 41
ADOM table ..................................................................................................... 41
Add an ADOM.................................................................................................. 43
ADOM dashboard example ............................................................................. 46
FortiManager system dashboard..................................................................... 48
Adding a widget............................................................................................... 49
A minimized widget ......................................................................................... 50
System Information widget.............................................................................. 51
System Resource widget (Real Time display).................................................. 52
System Resource widget (Historical display) .................................................. 52
Edit System Resources Settings window........................................................ 53
Device Summary widget.................................................................................. 54
VM License Information widget ....................................................................... 54
Unit Operation widget...................................................................................... 55
RAID Monitor displaying a RAID array without any failures............................. 55
Alert Message Console widget ........................................................................ 57
List of all alert messages ................................................................................. 57
CLI Console widget ......................................................................................... 58
Edit Host Name dialog box.............................................................................. 59
Time Settings dialog box ................................................................................. 60
Firmware Upgrade dialog box ......................................................................... 61
Backup dialog box........................................................................................... 63
All Settings Configuration Restore dialog box................................................. 64
RAID Settings .................................................................................................. 66
Network screen................................................................................................ 69
Network interface list ....................................................................................... 70
Configure network interfaces........................................................................... 71
Routing Table................................................................................................... 72
Create New route............................................................................................. 72
Local Certificates window ............................................................................... 73
Local Certificate Detail..................................................................................... 74
Cluster Settings dialog box ............................................................................. 75
Administrator session list................................................................................. 77
Administrator list.............................................................................................. 78
Creating a new Administrator account ............................................................ 79
Editing an administrator account..................................................................... 80
Administrator profile list................................................................................... 82
Create new administrator profile ..................................................................... 84
Edit administrator profile window .................................................................... 85
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 12
http://docs.fortinet.com/ • Feedback
13. Table of Figures
RADIUS server list ........................................................................................... 86
New RADIUS Server window........................................................................... 87
LDAP server list ............................................................................................... 88
New LDAP server dialog box........................................................................... 89
New TACACS+ server dialog box.................................................................... 91
Administrative settings dialog box................................................................... 92
FortiGuard Center dialog box .......................................................................... 94
Server settings dialog box ............................................................................... 95
Firmware images list ........................................................................................ 96
SNMP configuration ........................................................................................ 98
FortiManager SNMP Community................................................................... 100
System objects metadata .............................................................................. 104
Add meta-field (system object)...................................................................... 105
Config objects metadata ............................................................................... 106
Add meta-field (config object) ....................................................................... 106
Advanced settings ......................................................................................... 107
Alert event window ........................................................................................ 108
Create new alert event window ..................................................................... 108
Mail server window ........................................................................................ 110
Mail server settings........................................................................................ 110
Syslog server window.................................................................................... 110
Syslog server settings.................................................................................... 111
Alert message console window ..................................................................... 111
Alert console settings .................................................................................... 111
Log setting window ....................................................................................... 113
Add Device icon............................................................................................. 115
Add Device Wizard Login window ................................................................. 116
Import device summary window.................................................................... 116
Discover method summary window .............................................................. 117
Add Model Device method window............................................................... 118
Importing device additional information window........................................... 119
Zone map window ......................................................................................... 120
Import policy summary .................................................................................. 121
Import object summary.................................................................................. 122
Device import successful window ................................................................. 123
Import device summary window.................................................................... 124
Adding device additional information window............................................... 125
Adding device model additional information window.................................... 126
Confirmation of success or failure ................................................................. 127
Zone map window ......................................................................................... 128
Add device summary window ....................................................................... 129
Add model device summary window ............................................................ 129
Install icon...................................................................................................... 130
Install policy package .................................................................................... 130
Policy package device selection window ...................................................... 131
Policy package zone validation window........................................................ 132
Policy package policy validation window ...................................................... 133
Policy package installation window............................................................... 134
Device installation history .............................................................................. 134
Install device settings only............................................................................. 135
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 13
http://docs.fortinet.com/ • Feedback
14. Table of Figures
Device settings device selection window ...................................................... 136
Device settings successful installation window............................................. 137
Device settings failed installation window ..................................................... 137
Device installation history .............................................................................. 138
Device Manager device list layout ................................................................. 140
Right click menu options ............................................................................... 141
Example FortiGate unit summary .................................................................. 143
A device list filter set to display devices with IP addresses in the range of
1.1.1.1-1.1.1.2................................................................................................ 145
A device list filter set to display all devices except one named “MyDevice” 146
A device list filter set to display devices with Connection Status set to
“Connection Up”............................................................................................ 146
Device Manager right-click menu .................................................................. 150
Create new virtual domain ............................................................................. 158
Adding a group .............................................................................................. 161
Device group summary screen ...................................................................... 162
Enable chassis management......................................................................... 163
CLI Console ................................................................................................... 169
Management module..................................................................................... 171
Policy window................................................................................................ 171
Create new policy package ........................................................................... 173
Enter new policy package details .................................................................. 174
Edit Policy Package dialog box ..................................................................... 175
Consistency Check dialog box ...................................................................... 176
Policy Check dialog box ................................................................................ 176
Consistency check results window ............................................................... 177
Managing Objects and Dynamic Objects ...................................................... 178
Example Object table .................................................................................... 178
Creating a new Firewall object address......................................................... 179
Where Used dialog box ................................................................................. 180
Search Objects dialog box ............................................................................ 180
New local user window.................................................................................. 181
VPN List ......................................................................................................... 182
Create VPN window....................................................................................... 184
Add VPN Managed Gateway dialog box ....................................................... 189
Add VPN External Gateway dialog box ......................................................... 190
Configuration and Installation Status widget................................................. 192
Revision History Tab...................................................................................... 193
Add a tag to a configuration version ............................................................. 194
Revision Diff window ..................................................................................... 196
Dashboard Licensing widget ......................................................................... 197
Web Portal Window ....................................................................................... 205
Add a Web Portal Profile ............................................................................... 205
Blank Web Portal Window ............................................................................. 206
Adding web portal content ............................................................................ 206
Logo Preferences .......................................................................................... 207
Portal Properties window .............................................................................. 208
Add User window .......................................................................................... 209
Add External User window ............................................................................ 209
Java-based administration client login screen .............................................. 213
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 14
http://docs.fortinet.com/ • Feedback
15. Table of Figures
Java-based administration client main window ............................................ 214
Default main menu bar .................................................................................. 215
Java-based manager content pane............................................................... 216
Reorganizing tabs in the Java-based administration client........................... 217
Policy Editor widow ....................................................................................... 217
Individual Device View ................................................................................... 219
Scheduling a script ........................................................................................ 220
CLI Script Repository .................................................................................... 221
Create or Edit a script.................................................................................... 222
Cloning a script.............................................................................................. 224
Enable FortiGuard settings ............................................................................ 249
FortiGuard AntiVirus and IPS Settings........................................................... 251
Overriding FortiGuard Server......................................................................... 258
Manually uploading AV or IPS updates ......................................................... 259
Device group Service Usage: License Information........................................ 263
Firmware Information (device) ....................................................................... 269
Firmware Information (group) ........................................................................ 269
Firmware Images ........................................................................................... 271
Upload Firmware Image dialog box............................................................... 273
Example RTM Dashboards............................................................................ 275
Rename a dashboard .................................................................................... 276
Reset a dashboard ........................................................................................ 276
Add Monitor window ..................................................................................... 276
Viewing alert events....................................................................................... 277
Adding alert events ........................................................................................ 278
Mail server list ................................................................................................ 279
Adding mail servers ....................................................................................... 280
SNMP access list........................................................................................... 281
Adding a SNMP community .......................................................................... 282
Syslog server list............................................................................................ 283
Adding Syslog Server .................................................................................... 283
Alert message console .................................................................................. 284
Device Log Setting ........................................................................................ 285
Device Log Access ........................................................................................ 286
FortiClient Manager ....................................................................................... 289
Example of how FortiClient Manager determines the group names for OU
groups............................................................................................................ 318
Cluster Settings ............................................................................................. 360
FortiManager HA status................................................................................. 364
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 15
http://docs.fortinet.com/ • Feedback
17. Introduction
FortiManager centralized management appliances deliver the essential tools needed to
effectively manage your Fortinet-based security infrastructure.
Using the FortiManager system, you can:
• configure multiple FortiGate units (including FortiGate, FortiWiFi, FortiGate-One,
and FortiGate-Virtual Machine), FortiCarrier units, FortiMail units, FortiSwitch units,
and FortiClient endpoint security agents,
• segregate management of large deployments easily and securely by grouping
devices and agents into geographic or functional administrative domains (ADOMs),
• configure and manage VPN policies,
• monitor the status of these units,
• view device logs,
• update the AntiVirus and attack signatures,
• provide Web Filtering and Email Filter service to the licensed devices as a local
FortiGuard Distribution Network (FDN) server.
• update the firmware images of the devices.
The FortiManager system scales to manage up to 5,000 devices and virtual domains
(VDOMS) and up to 120,000 FortiClient agents from a single FortiManager interface. It
is designed for medium to large enterprises and managed security service providers.
FortiManager system architecture emphasizes reliability, scalability, ease of use, and
easy integration with third-party systems.
This section contains the following topics:
• About this document
• FortiManager documentation
About this document
This document describes how to configure and manage your FortiManager system and
the devices that it manages.
The FortiManager system documentation assumes you have one or more FortiGate
units, you have FortiGate unit documentation, and you are familiar with configuring
your FortiGate units before using the FortiManager system. Where FortiManager
system features or parts of features are identical to FortiGate unit, the FortiManager
system documentation refers to the FortiGate unit documentation for further
configuration assistance with that feature.
This document contains the following information:
• What’s New in v4.0 MR3 lists and describes some of the new features and changes
in FortiManager v4.0 MR3 Patch Release 3.
• Fortinet Management Theory describes key features of the FortiManager system.
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 17
http://docs.fortinet.com/ • Feedback
18. Introduction About this document
• Using the Web-based Manager introduces the FortiManager Web-based Manager
interface that is used to manage and configure supported Fortinet units and
FortiClient agents, and to view FortiGate unit configuration, device status, system
health, real time logs, and historical logs.
• Administrative Domains (ADOMs) describes ADOMs that can define sets of devices
to be controlled by one or more administrators.
• System Settings describes how to control and monitor the operation of the
FortiManager system, including network settings, managing firmware revisions,
configuration backup and administrator access.
• Using FortiManager Wizards describes how to use the Install, Add Device, and
Import Device wizards.
• Device Management describes adding, configuring and managing devices, Virtual
Domains (VDOMs) and working with device groups.
• Policies and Objects describes policy workflow, provisioning, policy packages,
objects and dynamic objects.
• VPN Console describes how to configure a VPN and firewall policies.
• Installing Device Configurations describes installing configuration changes to the
devices and pulling the existing configurations from the devices.
• Advanced Features describes administrative web portals and portal access.
• Application Program Interfaces
• Java-based Administration Client introduces the FortiManager java-based
administration client tool that can used to manage and configure supported devices
and FortiClient agents.
• Working with Scripts describes how to create and manage scripts from devices that
are in operation. Administrators can use functions, such as the configure function,
the debug function, the show function, and the get function, to manage devices
using scripts.
• FortiGuard Services describes how to use the FortiManager system as a local
update server for AV and IPS signatures and a on-site FDN server for FortiGuard
Web Filtering and Email Filter services.
• Firmware and Revision Control describes how to view, download and install device
firmware images.
• Real-Time Monitor describes how to monitor the status of a number of devices,
system alerts and device log.
• FortiClient Manager describes how to use the FortiClient Manager to centrally
manage FortiClient agents.
• High Availability describes how to configure and manage a FortiManager high
availability clusters.
• FortiManager Firmware
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 18
http://docs.fortinet.com/ • Feedback
19. Introduction FortiManager documentation
FortiManager documentation
The following FortiManager product documentation is available:
• FortiManager Administration Guide
This document describes how to set up the FortiManager system and use it to
manage supported Fortinet units and FortiClient agents. It includes information on
how to configure multiple Fortinet units and FortiClient agents, configuring and
managing the FortiGate VPN policies, monitoring the status of the managed
devices, viewing and analyzing the FortiGate logs, updating the virus and attack
signatures, providing Web Filtering and Email Filter service to the licensed FortiGate
units as a local FortiGuard Distribution Network (FDN) server, firmware revision
control and updating the firmware images of the managed units and agents.
• FortiManager System QuickStart Guide
This document is included with your FortiManager system package. Use this
document to install and begin working with FortiManager system and FortiManager
Web-based Manager.
• FortiManager online help
You can get online help from the FortiManager Web-based Manager. FortiManager
online help contains detailed procedures for using the FortiManager Web-based
Manager to configure and manage FortiGate units.
• FortiManager CLI Reference
This document describes how to use the FortiManager CLI and contains a
reference to all FortiManager CLI commands.
• FortiManager Release Notes
This document describes the new features and enhancements in the FortiManager
system since the last release and lists the resolved and known issues. This
document also defines supported platforms and firmware versions.
• FortiManager Log Message Reference Guide
The FortiManager Log Message Reference Guide describes the structure of
FortiManager log messages and provides information about the log messages that
are generated by the FortiManager system.
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 19
http://docs.fortinet.com/ • Feedback
20. What’s New in v4.0 MR3
This chapter lists and describes some of the key changes and new features added to
the FortiManager system.
Note: This document was written for FortiManager v4.0 MR3 Patch Release 5.
Global Policy improvements
Global Policy evaluation
FortiManager v4.0 MR3 Patch Release 3 includes a limited Global Policy feature that
allows administrators to evaluate the Global Policy feature before purchasing the
Global Policy license.
When a license key is not installed on the FortiManager, you will be able to enable the
Global Policy feature, however the following will be enforced:
• Only the default policy package can be used
• A maximum of ten policies can be defined in the default package
• A maximum of ten objects can be defined.
Note: The Global Policy license is now available for the FortiManager 400B, 400C, 1000C,
3000B, 3000C, 5001A and FortiManager VM-Base (4.3).
Assigning Global Policies to ADOMs
FortiManager v4.0 MR3 Patch Release 3 allows you to specify which policy package
within each ADOM, will inherit the Global Policy or Global Database. This enhancement
provides a finer granularity to assign specific policy packages within each ADOM.
Add Global Zone to Global Policy
FortiManager v4.0 MR3 Patch Release 3 adds a Global Zone objects menu and table
for adding global zones to global policies. The following changes are included:
• Within an ADOM, the global zones are read-only and can not be deleted or edited in
the Objects database.
• You will need to populate the global zones with interfaces from each device
manager.
• Global zones can be used for both Global level policy packages as well as ADOM
level policy packages, after it is assigned from global to the specified ADOM.
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 20
http://docs.fortinet.com/ • Feedback
21. What’s New in v4.0 MR3 Administrative Domain (ADOM)
Section View for Global and ADOM Policy Packages
FortiManager v4.0 MR3 Patch Release 3 improves the section view menu, by zone
with custom label sections. This change adds the following features:
• View with global sections or with zone sections with custom labels
• Option to toggle between views
• Support for both ADOM and Global Policy packages.
Administrative Domain (ADOM)
The following improvements have been made to the ADOM list page:
• When the global admin user logs in, they are directed to the ADOM list page.
• When selecting the ADOM name, the left menu item will be selected and the ADOM
dashboard will be displayed.
• The right-click context menu has a new option to enter the ADOM.
• A search field has been added to the navigation pane to quickly search for a
specific ADOM.
• If backup mode has been configured, backup is displayed beside the ADOM name
in the column.
• A new column has been added to show if the ADOM has any alerts and a count of
the number of alerts.
• A status icon is displayed beside each device to show if communication is up or
down.
• When you hover the mouse pointer over an ADOM, an Enter dialogue box appears.
Left-click Enter to enter the ADOM menu.
ADOM Backup and Revision Control
FortiManager v4.0 MR3 Patch Release 2 introduced two administrative domain
(ADOM) configuration modes: Normal, and Backup. FortiManager v4.0 MR3 Patch
Release 3, introduces improvements with how the FortiManager handles backup and
revision control in both these modes of operation. See “Administrative Domains” on
page 38 for more information.
Install Wizard/Import Wizard
FortiManager v4.0 MR3 Patch Release 3 provides enhancements to the install wizard
and import wizard. These changes include:
• Clear description of error messages
• Preview option to view the installation changes for a policy package
• Preview option for device settings installation
Add Device Wizard, Fast Forward Support
An option has been added to device discovery that allows you to ignore prompts when
adding or importing a device unless errors occur. If the device has VDOMs, this option
is hidden on the discovery page and displayed on the VDOM page.
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 21
http://docs.fortinet.com/ • Feedback
22. What’s New in v4.0 MR3 Policy usability
Import Policy
FortiManager v4.0 MR3 Patch Release 3 provides enhancements to the import policy
wizard which allows you to select specific policies to import. This granularity provides
you with more control over the device and policy import process. Both IPv4 and IPv6
policies are supported.
Virtual Domain (VDOM)
FortiManager v4.0 MR3 Patch Release 3 provides the following improvements to the
Import Wizard and Device Management to handle the import of multiple VDOMs and
import of devices/VDOMs when upgrading or moving devices between ADOMS:
• New Add VDOM page in the Import Wizard
• If the device has VDOMs enabled with more than one VDOM, the ADD VDOM page
will be displayed.
• The first VDOM will be selected by default, as each VDOM is imported, it will be
greyed out in the list.
• You can specify a specific VDOM to import
• You can select the Import All checkbox to automatically import all VDOMs, or any
remaining VDOMs that have not been imported.
• You can choose the Skip Remaining button to ignore any remaining VDOMs and
jump straight to the summary page.
Once a VDOM is added, you will return to the Add VDOM page.
Policy usability
FortiManager v4.0 MR3 Patch Release 3 adds a Set Profile option in the right-click
menu on the policy page. You can use option to assign a new profile to the firewall
policy without having to remove and re-add the profile or open the edit policy page.
Multiple policy edit
FortiManager v4.0 MR3 Patch Release 3 provides an enhancement to allow you to
select multiple policies and then right-click to modify the UTM settings for all the
selected policies.
FortiToken support
FortiManager v4.0 MR3 Patch Release 3 provides FortiToken support as a configurable
object. See “FortiToken configuration example” on page 180.
Management model
The FortiManager system in v4.0 MR3 has been changed from what you may be used
to from earlier versions. In previous versions there were 2 modes of operation: EMS
and GMS. In v4.0 MR3, these have been combined into a single, united workflow that
is suitable for users of either mode.
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 22
http://docs.fortinet.com/ • Feedback
23. What’s New in v4.0 MR3 FortiManager VM licensing changes
The new management model has the following configuration management
components per ADOM:
• Policy & Objects
• Real-Time Monitor
• FortiClient Manager
• Add Device Wizard
• Install Wizard
• Device Settings Management:
• Device Summary & Status
• VDOM Synchronization
• Web-based Manager Scripts
For more information on the new management model, see “Fortinet Management
Theory” on page 25.
FortiManager VM licensing changes
With FortiManager v4.0 MR3 Patch Release 3, the following changes have been made
to FortiManager-VM:
• Automatic fifteen (15) day evaluation license
• Removal of requirement to have FortiManager-VM contact FortiGuard Distribution
Servers (FDS) for license activation
• Stackable license model for FortiManager-VM license add-ons
• License can be applied through the FortiManager-VM CLI.
See “FortiManager-VM Licence Enhancements” on page 372.
Web-based Manager changes
FortiManager v4.0 MR3 includes a number of changes to the Web-based Manager:
• Tab Bar
The Web-based Manager now features a tab bar to improve its organization and
simplify access to important system functions.
• System Settings
The System menu in the Web-based Manager has been improved to make it easier
to use. Improved support for widgets has been added.
• Installation Improvements
FortiManager v4.0 MR3 simplifies installation of updates to managed devices,
allowing “1-click” installation of updates.
• Policy Table Improvements
The Policy Table has had several improvements made, including contextual menus,
to improve usability.
FortiManager v4.0 MR3 Patch Release 3 Administration Guide
02-434-167503-20120406 23
http://docs.fortinet.com/ • Feedback