fortimanager - exclusive networks · 2013-05-13 · fortimanager appliances fmg-200d licensed...

1

December 9, 2012

FortiManager Matteo Arrigoni

October, 2012

2

Fortinet Product Portfolio

FortiMail Messaging Security

Gateway

FortiWeb Web Application

Firewall

FortiDB Database Security

Solution

FortiScan Vulnerability

Management

FortiDDoS Application D/DOS

Mitigator

Network Services

FortiGate Network Security

Platform

FortiAP Wireless Access

FortiSwitch Wired Access

FortiToken 2-Factor Authentication

FortiClient Endpoint Security

FortiBalancer Application Delivery

FortiDNS High Performance

DNS Server

FortiCache Content Caching

FortiVoice VoIP & IP Telephony

FortiAuthenticator Access Management

Management FortiManager Centralized Device

Manager

FortiAnalyzer Centralized Logging

& Reporting

Services FortiGuard Security & Network

Services

FortiCare Support Services

FAMS Hosted Services

Security

Also Available as Virtual Appliance

3

What is FortiManager?

• For any types of FortiGate devices

• Manage from several to thousand FortiGate devices

• Different tab for network and security configuration

FortiGate’s Central Management solution

FortiGate FortiWifi FortiGate-VM FortiCarrier

.…

4

• Manage security policies, backup files,

firmwares, and logs

Three-tier Management Model

• Enforce the security policies

• Design and write security policies using

intuitive consoles

SS

L-E

ncry

pte

d C

om

mu

nic

ati

on

s

5

What’s about the Managed FortiGate unit?

• Changes performed on a managed FortiGate unit, to some extent, will

be retrieved automatically by the FortiManager

System & network settings will be

retrieved automatically…

Security Policy Settings won’t be retrieved automatically.

Use the FortiManager Import Policy Wizard…

6

A Large Set of Management Consoles

CLI WEBUI GUI API

SSH TELNET CONSOLE

7

• An Administrative DOMain is a database which is handling objects &

policies shared between a specific set of devices

• One physical FortiManager can host several distinct ADOMs

FortiManager Virtualization with Administrative DOMain

FortiManager

Objects

Policies

…

8

Policy Package Management

• A Policy Package is a set of policies defining the security policy

enforced by one or several FortiGate units

• A single ADOM can manage several policy packages

• Selectable targets per policies

9

Optimize Access to FortiGuard Distribution Network (Locally Hosted Security Content)

• FortiManager can locally host Security Content from the FortiGuard

Distribution Network

10

FortiManager Appliances

FMG-200D

Licensed Network Devices 30

Administration Domains 30

Global Policy Included

Hardware Form Factor Desktop

Total Network Interfaces 4 x 10/100/1000 RJ45 ports

Storage Capacity 1TB

Licensed Network Devices 800

Administration Domains 800

Global Policy Included

Hardware Form Factor Rack Mount (1-RU)

Total Network Interfaces 4 x 10/100/1000 RJ45 ports

Storage Capacity 1TB

Licensed Network Devices 800

Administration Domains 800

Global Policy Included

Hardware Form Factor Rack Mount (1-RU)

Total Network Interfaces 4 x 10/100/1000 RJ45 ports

Storage Capacity 2TB

Licensed Network Devices 5000

Administration Domains 5000

Global Policy Included

Hardware Form Factor Rack Mount (2-RU)

Total Network Interfaces 4 x 10/100/1000 ports, 2 x

SFP ports

Storage Capacity 4TB

11

FortiManager Appliances

Licensed Network Devices 30

Administration Domains 30

Global Policy Included

Hardware Form Factor Desktop

Total Network Interfaces 4 x 10/100/1000 RJ45 ports

Storage Capacity 1TB

FMG-400C

Licensed Network Devices 800

Administration Domains 800

Global Policy Included

Hardware Form Factor Rack Mount (1-RU)

Total Network Interfaces 4 x 10/100/1000 RJ45 ports

Storage Capacity 1TB

Licensed Network Devices 800

Administration Domains 800

Global Policy Included

Hardware Form Factor Rack Mount (1-RU)

Total Network Interfaces 4 x 10/100/1000 RJ45 ports

Storage Capacity 2TB

Licensed Network Devices 5000

Administration Domains 5000

Global Policy Included

Hardware Form Factor Rack Mount (2-RU)

Total Network Interfaces 4 x 10/100/1000 ports, 2 x

SFP ports

Storage Capacity 4TB

12

FortiManager Appliances

Licensed Network Devices 30

Administration Domains 30

Global Policy Included

Hardware Form Factor Desktop

Total Network Interfaces 4 x 10/100/1000 RJ45 ports

Storage Capacity 1TB

Licensed Network Devices 800

Administration Domains 800

Global Policy Included

Hardware Form Factor Rack Mount (1-RU)

Total Network Interfaces 4 x 10/100/1000 RJ45 ports

Storage Capacity 1TB

FMG-1000C

Licensed Network Devices 800

Administration Domains 800

Global Policy Included

Hardware Form Factor Rack Mount (1-RU)

Total Network Interfaces 4 x 10/100/1000 RJ45 ports

Storage Capacity 2TB

Licensed Network Devices 5000

Administration Domains 5000

Global Policy Included

Hardware Form Factor Rack Mount (2-RU)

Total Network Interfaces 4 x 10/100/1000 ports, 2 x

SFP ports

Storage Capacity 4TB

13

FortiManager Appliances

Licensed Network Devices 30

Administration Domains 30

Global Policy Included

Hardware Form Factor Desktop

Total Network Interfaces 4 x 10/100/1000 RJ45 ports

Storage Capacity 1TB

Licensed Network Devices 800

Administration Domains 800

Global Policy Included

Hardware Form Factor Rack Mount (1-RU)

Total Network Interfaces 4 x 10/100/1000 RJ45 ports

Storage Capacity 1TB

Licensed Network Devices 800

Administration Domains 800

Global Policy Included

Hardware Form Factor Rack Mount (1-RU)

Total Network Interfaces 4 x 10/100/1000 RJ45 ports

Storage Capacity 2TB

FMG-3000C

Licensed Network Devices 5000

Administration Domains 5000

Global Policy Included

Hardware Form Factor Rack Mount (2-RU)

Total Network Interfaces 4 x 10/100/1000 ports, 2 x

SFP ports

Storage Capacity 4TB

14

FortiManager Appliances

Licensed Network Devices 30

Administration Domains 30

Global Policy Included

Hardware Form Factor Desktop

Total Network Interfaces 4 x 10/100/1000 RJ45 ports

Storage Capacity 1TB

Licensed Network Devices 800

Administration Domains 800

Global Policy Included

Hardware Form Factor Rack Mount (1-RU)

Total Network Interfaces 4 x 10/100/1000 RJ45 ports

Storage Capacity 1TB

Licensed Network Devices 800

Administration Domains 800

Global Policy Included

Hardware Form Factor Rack Mount (1-RU)

Total Network Interfaces 4 x 10/100/1000 RJ45 ports

Storage Capacity 2TB

Licensed Network Devices 5000

Administration Domains 5000

Global Policy Included

Hardware Form Factor Rack Mount (2-RU)

Total Network Interfaces 4 x 10/100/1000 ports, 2 x

SFP ports

Storage Capacity 4TB FMG-5000A

Licensed Network Devices 4000

Administration Domains 4000

Global Policy Included

Hardware Form Factor ATCA Blade

Total Network Interfaces 2 x 10/100/1000 ports

Storage Capacity 80GB

15

FortiManager Virtual Appliances

FMG-VM

Licensed Network Devices 10 to Unlimited

Administration Domains 10 to Unlimited

Global Policy Included

Hypervisor Supported VMware ESXi / ESX 3.5 /

4.0 / 4.1 / 5.0

vCPUs 1 to 4

Storage Capacity 80GB to 2TB