Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • New Features

    Home FortiAnalyzer 7.0.0 New Features
    7.0.0
    7.6.0
    7.4.0
    7.2.0
    7.0.0
    6.4.0
    6.2.3
    6.2.2
    6.2.1
    6.2.0

    Migrate to Fabric ADOM 7.0.2

    Migrate to Fabric ADOM 7.0.2

    Migrating other ADOM types to Fabric ADOM type is now supported via a CLI command.

    In this example, several ADOM types are created (FortiGate, FortiMail, and FortiWeb) and migrated to a Fabric type ADOM.

    To migrate a non-Fabric ADOM to a Fabric ADOM:
    1. Create several customized ADOMs, for example:
      • FortiGate ADOM type: FGT_ADOM1
      • FortiWeb ADOM type: FWB_ADOM1
      • FortiMail ADOM type: FML_ADOM1
    2. Configure the FortiGate, FortiWeb, and FortiMail devices to send logs to FortiAnalyzer and promote these devices to their individual ADOMs.
    3. Create custom event handlers in each of these ADOMs.

    4. Create reports in each of these ADOMs.
    5. From the FortiAnalyzer CLI, use the following command to migrate an ADOM to a Fabric ADOM: execute migrate fabric <ADOM name>.
      You can add multiple ADOM names by separating them with a comma.
      In the example below, FGT_ADOM1 is migrated to a Fabric ADOM.

      execute migrate fabric FGT_ADOM1

      Note: This operation will replace the current settings of 1 ADOM(s) and reboot the system.

      ADOM: FGT_ADOM1

      Do you want to continue? (y/n)

      Result: OK(0).

      Summary:

      - 08 Nov 2021 18:10:16 migrate FortiGate ADOM FGT_ADOM1(206) to fabric.

      1 ADOM(s) will migrate to fabric.

      Please wait for reboot...

    6. After the system boots up, check the ADOM type for FGT_ADOM1 in the CLI. It is now a Fabric ADOM.

      FAZVM64 # FAZVM64 # diagnose dvm adom list

      There are currently 22 ADOMs:

      OID STATE PRODUCT OSVER MR NAME MODE VPN MANAGEMENT IPS ISDB

      206 enabled FSF 7.0 0 FGT_ADOM1 Normal Policy & Device VPNs 18.192 7.1996

      210 enabled FML 7.0 0 FML_ADOM1 Normal Policy & Device VPNs 18.192 7.1996

      208 enabled FWB 7.0 0 FWB_ADOM1 Normal Policy & Device VPNs 18.192 7.1996

      128 enabled FAZ 7.0 0 FortiAnalyzer Normal Policy & Device VPNs 18.192 7.1996

      144 enabled FAC 6.0 4 FortiAuthenticator Normal Policy & Device VPNs 18.192 7.1996

      132 enabled FCH 4.0 2 FortiCache Normal Policy & Device VPNs 0.0 0.0

      124 enabled FOC 7.0 0 FortiCarrier Normal Policy & Device VPNs 18.192 7.1996

      134 enabled FCT 7.0 0 FortiClient Normal Policy & Device VPNs 18.192 7.1996

      142 enabled FDD 6.0 2 FortiDDoS Normal Policy & Device VPNs 18.192 7.1996

      172 enabled FDC 4.0 0 FortiDeceptor Normal Policy & Device VPNs 0.0 0.0

      170 enabled FFW 6.0 2 FortiFirewall Normal Policy & Device VPNs 18.192 7.1996

      174 enabled FWC 6.0 2 FortiFirewallCarrier Normal Policy & Device VPNs 18.192 7.1996

      126 enabled FML 7.0 0 FortiMail Normal Policy & Device VPNs 18.192 7.1996

      138 enabled FMG 7.0 0 FortiManager Normal Policy & Device VPNs 18.192 7.1996

      146 enabled FPX 2.0 0 FortiProxy Normal Policy & Device VPNs 0.0 0.0

      140 enabled FSA 4.0 0 FortiSandbox Normal Policy & Device VPNs 0.0 0.0

      130 enabled FWB 6.0 4 FortiWeb Normal Policy & Device VPNs 18.192 7.1996

      136 enabled LOG 0.0 0 Syslog Normal Policy & Device VPNs 0.0 0.0

      148 enabled FSF 7.0 0 Unmanaged_Devices Normal Policy & Device VPNs 18.192 7.1996

      122 enabled Chassis 6.0 0 Chassis Normal Policy & Device VPNs 18.192 7.1996

      3 enabled FSF 7.0 0 root Normal Policy & Device VPNs 18.192 7.1996

      10 enabled FOS 7.0 0 Global Normal Policy & Device VPNs 18.192 7.1996

      ---End ADOM list---

    7. In the GUI, go to System Settings > All ADOMs. You can see that the ADOM type is now Fabric.
    8. In FGT_ADOM1, go to Log View. The log files are kept, and the log view is working normally.

    9. Go to FortiSoC > Handlers > Event Handler List. Your previously configured event handlers are available.
    10. Go to Reports > Report Definitions > All Reports. Your previously configured reports are available.
    11. Perform the same Fabric migration for the other customized ADOMs: FML_ADOM1 and FWB_ADOM1.

      FAZVM64 # execute migrate fabric FML_ADOM1,FWB_ADOM1

      Note: This operation will replace the current settings of 2 ADOM(s) and reboot the system.

      ADOM: FML_ADOM1,FWB_ADOM1

      Do you want to continue? (y/n)y

      Result: OK(0).

      Summary:

      - 08 Nov 2021 18:28:20 migrate FortiMail ADOM FML_ADOM1(210) to fabric.

      - 08 Nov 2021 18:28:20 migrate FortiWeb ADOM FWB_ADOM1(208) to fabric.

      2 ADOM(s) will migrate to fabric.

      Please wait for reboot...

    12. After the system boots up, perform the same check as had been performed with FGT_ADOM1 and confirm the results are similar.
    13. Since FGT_ADOM1, FML_ADOM1, and FWB_ADOM1 are Fabric ADOMs, all types of devices can be promoted into these ADOMs, and all device logs are also inserted into the siemdb.

    Previous
    Next

    Migrate to Fabric ADOM 7.0.2

    Migrate to Fabric ADOM 7.0.2

    Migrating other ADOM types to Fabric ADOM type is now supported via a CLI command.

    In this example, several ADOM types are created (FortiGate, FortiMail, and FortiWeb) and migrated to a Fabric type ADOM.

    To migrate a non-Fabric ADOM to a Fabric ADOM:
    1. Create several customized ADOMs, for example:
      • FortiGate ADOM type: FGT_ADOM1
      • FortiWeb ADOM type: FWB_ADOM1
      • FortiMail ADOM type: FML_ADOM1
    2. Configure the FortiGate, FortiWeb, and FortiMail devices to send logs to FortiAnalyzer and promote these devices to their individual ADOMs.
    3. Create custom event handlers in each of these ADOMs.

    4. Create reports in each of these ADOMs.
    5. From the FortiAnalyzer CLI, use the following command to migrate an ADOM to a Fabric ADOM: execute migrate fabric <ADOM name>.
      You can add multiple ADOM names by separating them with a comma.
      In the example below, FGT_ADOM1 is migrated to a Fabric ADOM.

      execute migrate fabric FGT_ADOM1

      Note: This operation will replace the current settings of 1 ADOM(s) and reboot the system.

      ADOM: FGT_ADOM1

      Do you want to continue? (y/n)

      Result: OK(0).

      Summary:

      - 08 Nov 2021 18:10:16 migrate FortiGate ADOM FGT_ADOM1(206) to fabric.

      1 ADOM(s) will migrate to fabric.

      Please wait for reboot...

    6. After the system boots up, check the ADOM type for FGT_ADOM1 in the CLI. It is now a Fabric ADOM.

      FAZVM64 # FAZVM64 # diagnose dvm adom list

      There are currently 22 ADOMs:

      OID STATE PRODUCT OSVER MR NAME MODE VPN MANAGEMENT IPS ISDB

      206 enabled FSF 7.0 0 FGT_ADOM1 Normal Policy & Device VPNs 18.192 7.1996

      210 enabled FML 7.0 0 FML_ADOM1 Normal Policy & Device VPNs 18.192 7.1996

      208 enabled FWB 7.0 0 FWB_ADOM1 Normal Policy & Device VPNs 18.192 7.1996

      128 enabled FAZ 7.0 0 FortiAnalyzer Normal Policy & Device VPNs 18.192 7.1996

      144 enabled FAC 6.0 4 FortiAuthenticator Normal Policy & Device VPNs 18.192 7.1996

      132 enabled FCH 4.0 2 FortiCache Normal Policy & Device VPNs 0.0 0.0

      124 enabled FOC 7.0 0 FortiCarrier Normal Policy & Device VPNs 18.192 7.1996

      134 enabled FCT 7.0 0 FortiClient Normal Policy & Device VPNs 18.192 7.1996

      142 enabled FDD 6.0 2 FortiDDoS Normal Policy & Device VPNs 18.192 7.1996

      172 enabled FDC 4.0 0 FortiDeceptor Normal Policy & Device VPNs 0.0 0.0

      170 enabled FFW 6.0 2 FortiFirewall Normal Policy & Device VPNs 18.192 7.1996

      174 enabled FWC 6.0 2 FortiFirewallCarrier Normal Policy & Device VPNs 18.192 7.1996

      126 enabled FML 7.0 0 FortiMail Normal Policy & Device VPNs 18.192 7.1996

      138 enabled FMG 7.0 0 FortiManager Normal Policy & Device VPNs 18.192 7.1996

      146 enabled FPX 2.0 0 FortiProxy Normal Policy & Device VPNs 0.0 0.0

      140 enabled FSA 4.0 0 FortiSandbox Normal Policy & Device VPNs 0.0 0.0

      130 enabled FWB 6.0 4 FortiWeb Normal Policy & Device VPNs 18.192 7.1996

      136 enabled LOG 0.0 0 Syslog Normal Policy & Device VPNs 0.0 0.0

      148 enabled FSF 7.0 0 Unmanaged_Devices Normal Policy & Device VPNs 18.192 7.1996

      122 enabled Chassis 6.0 0 Chassis Normal Policy & Device VPNs 18.192 7.1996

      3 enabled FSF 7.0 0 root Normal Policy & Device VPNs 18.192 7.1996

      10 enabled FOS 7.0 0 Global Normal Policy & Device VPNs 18.192 7.1996

      ---End ADOM list---

    7. In the GUI, go to System Settings > All ADOMs. You can see that the ADOM type is now Fabric.
    8. In FGT_ADOM1, go to Log View. The log files are kept, and the log view is working normally.

    9. Go to FortiSoC > Handlers > Event Handler List. Your previously configured event handlers are available.
    10. Go to Reports > Report Definitions > All Reports. Your previously configured reports are available.
    11. Perform the same Fabric migration for the other customized ADOMs: FML_ADOM1 and FWB_ADOM1.

      FAZVM64 # execute migrate fabric FML_ADOM1,FWB_ADOM1

      Note: This operation will replace the current settings of 2 ADOM(s) and reboot the system.

      ADOM: FML_ADOM1,FWB_ADOM1

      Do you want to continue? (y/n)y

      Result: OK(0).

      Summary:

      - 08 Nov 2021 18:28:20 migrate FortiMail ADOM FML_ADOM1(210) to fabric.

      - 08 Nov 2021 18:28:20 migrate FortiWeb ADOM FWB_ADOM1(208) to fabric.

      2 ADOM(s) will migrate to fabric.

      Please wait for reboot...

    12. After the system boots up, perform the same check as had been performed with FGT_ADOM1 and confirm the results are similar.
    13. Since FGT_ADOM1, FML_ADOM1, and FWB_ADOM1 are Fabric ADOMs, all types of devices can be promoted into these ADOMs, and all device logs are also inserted into the siemdb.

    Previous
    Next