Table of Contents
With today’s challenging cybersecurity landscape, Security teams are falling behind due to resource constraints and an inability to keep up with the latest threats. Complexity and the unknown diminish security effectiveness – NOC-SOC helps to rejuvenate and strengthen your Security Posture. Operationalizing Security improves response time and awareness, and Fortinet’s Security Fabric is the foundation of that new approach. FortiManager provides one console to manage your network, giving you full control for your Fortinet devices with enterprise-class centralized management. FortiManager offers a common GUI to manage all your Fortinet License products including FortiGates, FortiAPs, FortiSwitches, FortiClients, Managed FortiAnalyzers and more, reducing the complexity and number of skilled personnel required to manage the network.
FortiManager’s Security Operationalized Visibility across your Fortinet Security Fabric enables true security effectiveness and foresight to identify and understand the scope of threats, and facilitates actionable response and remediation of risks. Quantifiable Security solution information such as Security Maturity and Security Ratings produce measureable accountability, and use those ratings to compare your security preparedness internally and to that of your industry peers. Centralized Change Management helps you update policies and objects, maintain provisioning templates and easily configure changes to your APs, Switches, SD-WAN and SDN connectors and more, including Workflow Integration with ITSM (ServiceNow) to mitigate security events and apply configuration changes and policy updates.
- Provides easy centralized configuration, policy-based provisioning, update management, and end to-end network monitoring for your Fortinet installation
- Segregate management of large deployments easily and securely by grouping devices and agents into geographic or functional ADOMs
- Manage units in a Security Fabric group as if they were a single device and display the security fabric topology
- Reduce your management burden and operational costs with fast device and agent provisioning, detailed revision tracking, and thorough auditing capabilities
- Easily manage complex mesh and star VPN environments while leveraging FortiManager License as a local distribution point for software and policy updates
- Seamless integration with FortiAnalyzer appliances provides in-depth discovery, analysis, prioritization and reporting of network security events
- Quickly create and modify policies/objects with a consolidated, drag and drop enabled, in-view editor
- Script and automate device provisioning, policy pushing, etc. with JSON APIs or build custom web portals with the XML API
- Leverage powerful device profiles for mass provisioning and configuration of managed devices
- Centrally control firmware upgrades and content security updates from FortiGuard Center Threat Research & Response
- Deploy with either a physical hardware appliance or virtual machine with multiple options to dynamically increase storage
Single Pane-of-Glass Management
Fortinet Security Fabric delivers sophisticated security management for unified, end-to-end protection. Deploying Fortinet-based security infrastructure to battle advanced threats, and adding FortiManager to provide single-pane-of-glass management across your entire extended enterprise provides insight into network-wide traffic and threats. FortiManager offers enterprise-class features to contain advanced threats, but also delivers the industry’s best scalability to manage up to 100,000 Fortinet devices. FortiManager, coupled with the FortiAnalyzer family of centralized logging and reporting appliances, provides a comprehensive and powerful centralized management solution for your organization.
Multi-Tenancy and Heirarchical — Administrative Domains (ADOMs) FortiManager provides a hierarchical objects database to facilitate re-use of common configurations and a multi-tenancy architecture to serve multiple customers. The graphical interface makes it easy to view, create and manage ADOMs. You can use ADOMs to manage independent security environments, each ADOM with its own security policies and configuration database. FortiManager enables you to group devices logically or geographically for flexible management, and the zero-touch deployment uses templates to provision devices for quick mass deployment. Define global objects such as Firewall Objects, Policies and Security Profiles to share across multiple ADOMs. Granular permissions allow assigning ADOMs, devices and policies to users based on role and duties.
Configuration and Settings Management
Collectively configure the device settings, objects and policies across your network from a single user interface. The VPN manager simplifies the deployment and allows centrallyprovisioned VPN community and monitoring of VPN connections on Google Map. FortiAP Manager allows configuring, deploying and monitoring FortiAPs from a single console with Google Map view. The FortiClient Manager allows centralized configuration, deployment, and monitoring of FortiClients. FortiManager also provides the ability to centrally manage up to 100,000 FortiGate security appliances.
Workflow for Audit and Compliance
FortiManager License enables you to review, approve and audit policy changes from a central place, including automated processes to facilitate policy compliance, policy lifecycle management, and enforced workflow to reduce risk for policy changes.
Locally Hosted FortiGuard Labs Security Content
Host security content locally for greater control over security content updates and improved response time for rating database. Includes support for: Application Control and Intrusion Prevention updates, Vulnerability Management, Antispam, Antivirus and Web Filtering updates.
Monitor and Report for Deep Visibility
Access vital security and network statistics, as well as realtime monitoring and integrated reporting provides visibility into network and user activity. For more powerful analytics, combinez with a FortiAnalyzer appliance for additional data mining and graphical reporting capabilities.
Managed FortiAP & FortiExtender
Centrally manage FortiAP access points that are controlled by FortiGate devices, through FortiManager. WiFi Templates allow you to create and manage AP profiles, SSIDs, and Wireless Intrusion Detection System (WIDS) profiles and assign to managed FortiAP devices. View FortiGate controllers on a map and monitor connected clients and information about all the APs for FortiGates (fig 2). FortiExtender can be used as a primary connection or deployed as a backup connection to ensure reliability.
You can now use the new Add FortiAnalyzer device wizard to add a FortiAnalyzer unit to FortiManager to better support managed devices with logging enabled. All devices with logging enabled will automatically send logs to the FortiAnalyzer device. You can use FortiManager to remotely access FortiView, Log View, Events Managements, and Reports on the managed FortiAnalyzer unit.
API for Automation and Orchestration
RESTful API allows MSSPs/large enterprises to create customized, branded web portals for policy and object administration. Automate common tasks such as provisioning new FortiGates and configuring existing devices. Join Fortinet Developer Network (FNDN) to access exclusive articles, how-to content for automation and customization, community-built tools, scripts and sample code.
Central SD-WAN Deployment and Monitoring
Centrally monitor SD-WAN performance. Monitor your devices on Map view with color coded icons and mouse over to view health performance statistics for each SDWAN link member. Table View provides more granular information for each SD-WAN link member, including link status, application performance and bandwidth usage.
The FortiSwitch Manager module enables you to centrally manage FortiSwitch templates and VLANs, and monitor FortiSwitch devices that are connected to FortiGate devices. You can configure multiple templates for specific FortiSwitch platforms that can be assigned to multiple devices. View as a graphical representation of the connected FortiSwitch devices (fig 4)
Fortinet offers the FortiManager VM in a stackable license model. This model allows you to expand your VM solution as your environment expands. Utilizing virtualization technology, FortiManager-VM is a software-based version of the FortiManager hardware appliance and is designed to run on many virtualization platforms. It offers all the features of the FortiManager hardware appliance. The FortiManager virtual appliance family minimizes the effort required to monitor and maintain acceptable use policies, as well as identify attack patterns that can be used to fine tune the security policy, thwarting future attackers.