High Availability – FortiManager 5.2

Leave a reply

Monitoring HA status

Go to System Settings > HA to monitor the status of the FortiManager units in an operating HA cluster. The FortiManager HA status dialog box displays information about the role of each cluster unit, the HA status of the cluster, and also displays the HA configuration of the cluster.

The FortiManager Web-based Manager browser window title changes to indicate that the FortiManager unit is operating in HA mode. The following text is added to the title HA (Group ID: <group_id>). Where <group_id> is the HA Group ID.

 

Upgrading the FortiManager firmware for an operating cluster

The following information is displayed:

Mode The role of the FortiManager unit in the cluster. The role can be:

l Master: for the primary (or master) unit. l Slave: for the backup units.
Cluster Status The cluster status can be Up if this unit is received HA heartbeat packets from all of its configured peers. The cluster status will be Down if the cluster unit is not receiving HA heartbeat packets from one or more of its configured peers.
Module Data Synchronized The amount of data synchronized between this cluster unit and other cluster units.
Pending Module Data The amount of data waiting to be synchronized between this cluster unit and other cluster units.

Upgrading the FortiManager firmware for an operating cluster

You can upgrade the FortiManager firmware of an operating FortiManager cluster in the same was a upgrading the firmware of a standalone FortiManager unit. During the firmware upgrade procedure, you connect to the primary unit Web-based Manager or CLI to upgrade the firmware. Then install the firmware on the slave units.

Similar to upgrading the firmware of a standalone FortiManager unit, normal FortiManager operations are temporarily interrupted while the cluster firmware upgrades. As a result of this interruption, you should upgrade the firmware during a maintenance period.

To upgrade FortiManager HA cluster firmware:

  1. Log into the primary unit Web-based Manager.
  2. Upgrade the primary unit firmware.

The firmware is forwarded to all the slave units, and then all the devices (master and slaves) are rebooted.

See the FortiManagerRelease Notes and FortiManagerUpgrade Guide for more information.

Administrators may not be able to connect to the FortiManager Web-based Manager until the upgrade synchronization process is complete. During the upgrade, using SSH or telnet to connect to the CLI may also be slow, however use the console to connect to the CLI.

 

 

Pages: 1 2 3 4 5 6
This entry was posted in Administration Guides, FortiManager and tagged , on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.