Configuring the FortiEDR Central Manager server and console
After you install the FortiEDR Central Manager, you must configure the FortiEDR Central Manager Server and console before setting up other components, such as Aggregators, Cores, and Collectors. The configuration includes creating an Admin user, setting up device registration password, and loading your license.
To configure the FortiEDR Central Manager Server and console:
- Use any standard Internet browser to connect securely (via https://) to the IP address and port of the machine on which the FortiEDR Central Manager is installed, as follows:
https://<machine_IP_addess>/
- Default port is 443
- Define the first administrator user to be allowed to log into the FortiEDR Manager by filling in the First Name, Last Name, Email Address, and Define administrator user name fields.
- Enter and confirm the password to be used by this administrator user.
- In the Device Registration Password fields, enter and confirm the password to be used to install all FortiEDR Collectors, FortiEDR Aggregators and FortiEDR Cores. This same password must be used by all. The following special characters are unsupported in the password: $, ‘, and ".
The registration password is needed for the installation of any FortiEDR component. You can retrieve a lost registration password or change a compromised registration password under Administration > Tools > Component authentication in the Central Manager console. If you have no access to the Central Manager console, contact Fortinet Support to retrieve the registration password.
- Click the Login button. The regular FortiEDR Central Manager Login page is then displayed, as shown below. The page that displays varies, depending on whether the FortiEDR system is set up as a single-organization or multi-organization system.
The FortiEDR system can be set up as a single-organization or multi-organization system. In a multi-organization system, all users except an Administrator user must specify the organization in the Organization Name dropdown list. If a user is defined for an organization, then he/she can log in to that organization. Otherwise, he/she cannot.
For more details about logging in to a multi-organization system, see Step 1 – Logging in to a multi-organization system.
- Enter the administrator user name and password you have just defined and click Login. All fields are case sensitive. The following window displays automatically the first time you log into the FortiEDR Central Manager:
- Send the displayed Installation ID to FortiEDRAdmin@fortinet.com by email in order to receive a license string from Fortinet.
- Click Load New License. The LOAD NEW LICENSE window opens.
- Copy/paste the license string that you received by email into the LOAD NEW LICENSE window and click Load License. The following displays showing the relevant licensed entitlements:
Field
Description
Installation ID Specifies the unique identifier that is automatically generated upon installation of the ForitEDR Management server. You may be asked to provide this ID and the Name field when contacting Fortinet for support. Name Specifies the name of the organization in a multi-organization FortiEDR system. For more details, see Multi-tenancy (organizations). Expiration Date Specifies when this license expires. Notifications will be sent to you beforehand. License Type Specifies whether the Discover, Protect and Response license, Discover and Protect license, or Protect and Response license was purchased. The license type defines the availability of the relevant add-ons. Communication Control Specifies the word Available if the Communication Control add-on is included in the license. eXtended Detection Specifies the word Available, when the eXtended Detection add-on is included in the license. Forensics Specifies the word Available if the Forensics add-on (described in Forensics is included in the license. Threat Hunting Specifies the word Available if the Threat hunting add-on (described in Threat Hunting) is included in the license. It also specifies whether Repository add-ons have been purchased and how many have been. Content Updates Specifies the word Available if the Content Updates add-on is included in the license. This add-on enables you to automatically receive the latest FortiEDR policy rule and built-in exception updates.
The system arrives with the latest content pre-installed. There is no need to install content during the initial installation.
The Load Content button enables you to update content, as well as to update the Collector version on any existing Collector.
To load content updates on your FortiEDR system, click the Load Content button and then select the content file to load. In a multi-tenant environment, the Load Content button is available in Hoster View .
If the content file contains a Collector update, you can update all Collectors with the new version at that time, or choose to do so later.
Click the Update Collectors button to update the version for all Collectors.
Vulnerability Management
Specifies the word Available if the Vulnerability Management add-on (described in Administration) is included in the license.
License Capacity
Specifies the number of available licenses for protection by FortiEDR Collectors (for workstations and servers). Only the number of FortiEDR Collectors allowed by the license can register with the FortiEDR Central Manager. Additional FortiEDR Collectors are not registered with the FortiEDR Central Manager. In addition, the number of IoT devices specified under the License Capacity determines whether or not IoT Discovery is available (zero number).
In Use
Specifies the number of FortiEDR licenses for workstations and servers that are currently in use. In addition, it specifies the number of IoT devices detected in the system thus far.
Remaining
Specifies the number of FortiEDR licenses for workstations and servers that are still available for use.
Regarding questions about the number of licenses purchased, please contact Fortinet Support.