Administration Guide

FortiGate

FortiOS is the operating system that runs on Fortinet’s FortiGate Next-Generation Firewall (NGFW). FortiOS delivers security as a hybrid mesh firewall that spans a meshed topology of on-prem and cloud environments. With FortiGuard's AI-powered security services, FortiOS provides protection across the attack surface with IPS, advanced malware protection, web security, inline malware prevention, data loss prevention, and more.

Benefits

Integrating FortiGate VM firewalls with FortiCNAPP provides comprehensive insight into the managed and unmanaged attack surface. You can assess whether FortiGate firewalls are effectively protecting critical assets, identify misconfigurations, and uncover environments where FortiGate firewalls are absent.

Benefits of integrating FortiOS with FortiCNAPP include:

Benefit

Description

Risk visualization and path analysis

Visualize resource exposure based on the presence of the FortiGate in the path to the Internet. You can determine whether a FortiGate node exists in the path.

Network paths are color-coded in an integration graph to display firewall protection:

  • Blue represents Internet reachable when a FortiGate is in the path.

  • Red represents Internet exposed when there is no FortiGate identified.

This improves your awareness of potentially exposed resources.

Inventory categorization

Categorize your FortiGates in the Resource Inventory.

  • Review the Next-Gen Firewall resource category to identify FortiGate assets

  • Enhances resource visualization

Query FortiGate VMs

Use the Explorer graph to query both FortiGate VMs and paths protected by the FortiGate.

  • Quickly identify potential risks

  • View resource relationships

Policy accuracy improvements

Integrating FortiGate data into FortiCNAPP improves results in CSPM policy evaluations:

  • Reduces the number of false positives

  • Accelerate investigations

  • Escalate only what matters

Supported deployment types

The following deployment types are supported:

Deployment

Support

FortiCNAPP template and VM deployment overview

Amazon Web Services (AWS)

  • Transit Gateway Integration:

    • Multiple VPCs connected via AWS Transit Gateway with FortiGate in the path.

  • High Availability (HA):

    • Standard Active/Passive (A/P) setup.

Google Cloud Platform (GCP)

  • High Availability (HA):

    • Standard Active/Passive (A/P) setup.

Microsoft Azure (Azure)

  • Single Instance:

    • Standalone FortiGate node configurations.

  • Fabric Connector Failover (SDN):

    • Active/Passive HA pairs utilizing the Fortinet Fabric Connector for Azure.

Standard Load Balancer (SLB)

  • High Availability (HA):

    • Active/Passive (A/P) setup.

How to configure the FortiGate

To configure the FortiGate, see:

How to configure FortiCNAPP

To configure FortiCNAPP, see:
