Please use Dynamic objects if you manage several different organizations FortiGates with your Manager. It will save you a lot of hassle and will enable you to use the same policy across the board and the IP's etc change appropriately.
Please use Dynamic objects if you manage several different organizations FortiGates with your Manager. It will save you a lot of hassle and will enable you to use the same policy across the board and the IP's etc change appropriately.
I'm considering getting a FortiManager for my environment, currently have 11 FGTS in production 4 of which are 1500D clusters.. Trying to keep things like SSL-DPI Exceptions in Sync across the board is PAINFUL! However, I've heard that the FTMGR has a pretty steep learning curve that comes with it, much like the FAZ when needing reports.
Buy one, set it up in a lab with 2-4 fortigates. Spend all day pushing different configs or changes to it. It isn't intuitive but it is.....I know that sounds weird. It doesn't make sense until you dive in really.
I've a an old FTMGR 1000C sitting here that I just updated to 5.2.9 and I'm thinking about syncing to my home/Prod 90D. You're right, It's totally not intuitive at all and I'm quite freaked out about it. Perhaps i will wait until I get some other devices hooked into it and leave my Prod/90D alone for now.
Yeah, get a few test Gates and run them off of it and play away
Ok, next week I will be bringing home 3-4 FWF-40c's and playing with the FMGR.
Home Prod: FGT-90D / FortiOS 5.4.1
Supported FGTs: x6 800Cs /FortiOS 5.2.9 & 5.4.1 | x2 FGT-1500D Clusters / FortiOS 5.2.9
"Find your passion and go for it!"
How did your testing go? The FortiManager is super powerful but definitely able to nuke a device or deployment of devices REALLY quick if you aren't careful!
Posting Permissions
Reply With Quote