Fortinet white logo
Fortinet white logo

Administration Guide

Security Fabric ADOMs

Security Fabric ADOMs

All Fortinet devices included in a Security Fabric can be placed into a Security Fabric ADOM, allowing for fast data processing and log correlation. Fabric ADOMs enable combined results to be presented in the Device Manager, Log View, FortiView, Incidents & Events/FortiSoC and Reports panes.

In a Fabric ADOM:

  • Device Manager: View and add all Fortinet devices in the Security Fabric to the Fabric ADOM, including FortiGate, FortiSandbox, FortiMail, FortiDDoS, and FortiClient EMS.
  • Log View: View logs from all Security Fabric devices.
  • FortiView: FortiDDoS and FortiClient EMS widgets are available.
  • Incidents & Events: Predefined event handlers for FortiGate, FortiSandbox, FortiMail, and FortiWeb ADOMs are available, and triggered events are displayed for all device types.
  • Reports: View predefined reports, templates, datasets, and charts for all device types. Charts from all device types can be inserted into a single report.

Creating a Security Fabric ADOM

To create a Fabric ADOM:
  1. In FortiAnalyzer, go to System Settings > All ADOMs.
  2. Select Create New.
  3. Configure the settings for the new Fabric ADOM and select Fabric as the type.
    See Creating ADOMs for more information on the individual settings.

  4. Select OK to create the ADOM.
    The Fabric ADOM is listed under the Security Fabric section of All ADOMs.

Migrating to a Fabric ADOM

You can change an existing non-Fabric ADOM to a Fabric ADOM using the FortiAnalyzer CLI.

  1. In the FortiAnalyzer CLI, enter the following commands:

    execute migrate fabric <fabric name>

    A note is displayed informing you of the number of ADOMs that will be affected, and once begun, a summary is displayed and the system will reboot.

Security Fabric ADOMs

Security Fabric ADOMs

All Fortinet devices included in a Security Fabric can be placed into a Security Fabric ADOM, allowing for fast data processing and log correlation. Fabric ADOMs enable combined results to be presented in the Device Manager, Log View, FortiView, Incidents & Events/FortiSoC and Reports panes.

In a Fabric ADOM:

  • Device Manager: View and add all Fortinet devices in the Security Fabric to the Fabric ADOM, including FortiGate, FortiSandbox, FortiMail, FortiDDoS, and FortiClient EMS.
  • Log View: View logs from all Security Fabric devices.
  • FortiView: FortiDDoS and FortiClient EMS widgets are available.
  • Incidents & Events: Predefined event handlers for FortiGate, FortiSandbox, FortiMail, and FortiWeb ADOMs are available, and triggered events are displayed for all device types.
  • Reports: View predefined reports, templates, datasets, and charts for all device types. Charts from all device types can be inserted into a single report.

Creating a Security Fabric ADOM

To create a Fabric ADOM:
  1. In FortiAnalyzer, go to System Settings > All ADOMs.
  2. Select Create New.
  3. Configure the settings for the new Fabric ADOM and select Fabric as the type.
    See Creating ADOMs for more information on the individual settings.

  4. Select OK to create the ADOM.
    The Fabric ADOM is listed under the Security Fabric section of All ADOMs.

Migrating to a Fabric ADOM

You can change an existing non-Fabric ADOM to a Fabric ADOM using the FortiAnalyzer CLI.

  1. In the FortiAnalyzer CLI, enter the following commands:

    execute migrate fabric <fabric name>

    A note is displayed informing you of the number of ADOMs that will be affected, and once begun, a summary is displayed and the system will reboot.