Fortinet black logo

Administration Guide

Home FortiEDR/XDR 5.1.0 Administration Guide
5.1.0
6.2.0
6.0.0
5.2.1
5.2.0
5.1.0
5.0.0
4.2.0
4.1.1
4.1.0

Appendix C – ON PREMISE DEPLOYMENTS

Appendix C – ON PREMISE DEPLOYMENTS

This chapter describes how to install the FortiEDR backend components for on premise deployments.

Installing FortiEDR components on-premise

In this section we will guide you through on-premise deployment of FortiEDR components.

Before you start the FortiEDR installation process, please make sure that:

  • All devices, workstations, virtual machines and servers on which a FortiEDR component will be installed comply with the system requirements provided on Installing FortiEDR.
  • You have read and selected the most suitable deployment option for you.
  • FortiEDR Core, FortiEDR Aggregator and FortiEDR Central Manager use ports 555, 8081 and 443, respectively. Ensure that these ports are not blocked by your firewall product (if one is deployed).

    As a security best practice, it is recommended to update the firewall rules so that they only have a narrow opening. For example:

    • Only open the TCP outbound port 555 to the Core IP address.
    • Only open the TCP outbound port 8081 to the Aggregator IP address.

Install the system components top-down in the following order:

  1. Installing the FortiEDR Central Manager and FortiEDR Aggregator on the Same Machine
  2. Installing the FortiEDR Threat Hunting Repository
  3. Installing the FortiEDR Core
  4. Installing FortiEDR Collectors
Previous
Next

Appendix C – ON PREMISE DEPLOYMENTS

This chapter describes how to install the FortiEDR backend components for on premise deployments.

Installing FortiEDR components on-premise

In this section we will guide you through on-premise deployment of FortiEDR components.

Before you start the FortiEDR installation process, please make sure that:

  • All devices, workstations, virtual machines and servers on which a FortiEDR component will be installed comply with the system requirements provided on Installing FortiEDR.
  • You have read and selected the most suitable deployment option for you.
  • FortiEDR Core, FortiEDR Aggregator and FortiEDR Central Manager use ports 555, 8081 and 443, respectively. Ensure that these ports are not blocked by your firewall product (if one is deployed).

    As a security best practice, it is recommended to update the firewall rules so that they only have a narrow opening. For example:

    • Only open the TCP outbound port 555 to the Core IP address.
    • Only open the TCP outbound port 8081 to the Aggregator IP address.

Install the system components top-down in the following order:

  1. Installing the FortiEDR Central Manager and FortiEDR Aggregator on the Same Machine
  2. Installing the FortiEDR Threat Hunting Repository
  3. Installing the FortiEDR Core
  4. Installing FortiEDR Collectors
Previous
Next