Tag Archives: fortimanager guides

Policy and Objects – FortiManager 5.2

Policy & Objects

The Policy & Objects tab enables you to centrally manage and configure the devices that are managed by the FortiManager unit. This includes the basic network settings to connect the device to the corporate network, antivirus definitions, intrusion protection signatures, access rules, and managing and updating firmware for the devices.

If the administrator account you logged on with does not have the appropriate permissions, you will not be able to edit or delete settings, or apply any changes. Instead you are limited to browsing. To modify these settings, see Profile.

If workspace is enabled, all policies and objects are read-only until you lock the ADOM. After making any changes you must select the save icon. When unlocking the ADOM, before the save action has been selected, a warning message will open advising you that you have unsaved configuration changes. You can select to save the changes from the warning message dialog box. Alternatively, you can select to lock and edit a specific policy package in the ADOM.

ADOM level policies and objects

The following options are available:

policy package Select to access the policy package menu. The menu options are the same as the the right-click menu options.

About policies

Policy Select to create a new policy.
Tools Select and then select either ADOM Revisions or Display Options from the menu.
Collapse All / Expand

All

Select to collapse or expand all policies.

In v5.0.5 and earlier, if workspace is enabled, an ADOM must be locked before any changes can made to policy packages or objects. See Concurrent ADOM access for information on enabling or disabling workspace.

In v5.2.0 and later, if workspace is enabled, you can select to lock and edit the policy package in the right-click menu. You do not need to lock the ADOM first. The policy package lock status is displayed in the toolbar.

Provisioning Templates – FortiManager 5.2

Provisioning Templates

The Provisioning Templates section of the Device Manager tree menu provides configuration options for System templates, WiFi templates, Threat Weight templates, FortiClient templates, and Certificate templates.

Provisioning templates

Select the ADOM from the drop-down list and select Provisioning Templates in the tree menu.

System templates

System templates

The System Templates menu allows you to create and manage device profiles. A system template is a subset of a model device configuration. Each device or device group will be able to be linked with a system template. When linked, the selected settings will come from the template, not from the Device Manager database.

By default, there is one generic profile defined. System templates are managed in a similar manner to policy packages. You can use the context menus to create new device profiles. You can configure settings in the widget or import settings from a specific device.

Go to the Device Manager tab, then select Provisioning Templates > System Templates > default in the tree menu to configure system templates.

The following widgets and settings are available:

 

System

Widget Description
DNS Primary DNS Server, Secondary DNS Server, Local Domain Name, IPv6 DNS settings.

Configure in the system template or import settings from a specific device. Select Apply to save the setting.

Hover over the widget heading to select the following options:

l  Import: Import DNS settings from a specific device. Select the device in the drop-down list. Select OK to import settings. Select Apply to save the settings.

l  Refresh: Refresh the information displayed in the widget. l Close: Close the widget and remove it from the system template.

Time Settings Synchronize with NTP Server and Sync Interval settings. You can select to use the FortiGuard server or specify a custom server.

Configure in the system template or import settings from a specific device.

Select Apply to save the setting.

Hover over the widget heading to select the following options:

l  Import: Import time settings from a specific device. Select the device in the drop-down list. Select OK to import settings. Select Apply to save the settings.

l  Refresh: Refresh the information displayed in the widget. l Close: Close the widget and remove it from the system template.

Alert Email SMTP Server settings including server, authentication, SMTP user, and password.

Configure in the system template or import settings from a specific device.

Select Apply to save the setting.

Hover over the widget heading to select the following options:

l  Import: Import alert email settings from a specific device. Select the device in the drop-down list. Select OK to import settings. Select Apply to save the settings.

l  Refresh: Refresh the information displayed in the widget. l Close: Close the widget and remove it from the system template.

Admin Settings Web Administration Ports, Timeout Settings, and Web Administration. Configure in the system template and select Apply to save the setting.

Hover over the widget heading to select the following options:

l Refresh: Refresh the information displayed in the widget. l Close: Close the widget and remove it from the system template.

FortiManager Admin Guide Incoming

Had a question come in that made me do some more follow up on some specifics regarding the FortiManager. Just realized I hadn’t added the Administrative Guides for the FortiManager to the site yet. I will be adding these later tonight when I return for the gym. God this site has a long way to go to hit the  goals I have for it. Sorry for the delays!