Management & Analytics

Expand all | Collapse all


  • 1.  Fortimanager

    Posted Dec 01, 2020 11:55 AM
    Hello People , 

    We have a customer having different Branch offices connected via IPSEC and there is no centrailised DC .

    They have a fortianalyser and all the branch offices are sending logs to FAZ via IPSEC vpns

    Customer is looking for a Firewall Management solution which of course should be FortiManager in this case .

    what should be the best approach :

    Fortimanager in cloud ( SaaS) and let all the firewalls connect to it over VPN ?

    Placing Fortimanager on a particular office ( lets say head office) brings management connectivity via IPSEC and if Tunnel is down for some reason .even local FW changes will be impacted . What do you say ?

    Can Fortimanager in cloud co-exist with FAZ on prem ?

    Anyone pls provide Best FMG guidelines


  • 2.  RE: Fortimanager

    Posted Jan 16, 2021 07:45 PM
    FortiManager and FortiAnalyzer are designed to co-exist, one will not affect the other. FortiManager has some basic FortiAnalzyer features for small clients, but for larger deploys having both is required. One is for mgmt of firewalls, one is for logging centralization. The mgmt tunnels for each channel are separate.

    You can do FortiManager cloud, and leave the FAZ on premise just fine.