Configuring an SDN connector in Azure
In this section, you configure FortiGate SDN connector for use with Azure.
In the FortiGate interface, these connectors are called SDN connectors and are SDN connectors that provide integration and orchestration of Fortinet products with key SDN solutions. The Fortinet Security Fabric provides visibility into your security posture across multiple cloud networks, spanning private, public, and Software as a Service (SaaS) clouds. In software-defined networks like Azure, dynamic objects and resources can be cumbersome to secure using traditional firewall policies. By using the SDN connector for use with the Azure IaaS, changes to attributes in the Azure environment can be automatically updated in the Security Fabric. This helps integrate and orchestrate FortiOS IPv4 policies going forward.
Before installing and configuring the Azure SDN connector, the following Azure infrastructure and Fortinet FortiGate-VM components should be in place:
- A valid Azure account and subscription. The account can be one that your organization established or simply one of the free trial options available from Azure. If you do not specify the resource group, you can find all resources that the account has access to.
- You should have a FortiGate-VM deployed in Azure
- An IPv4 outbound policy from the FortiGate-VM on port2 (internal) to port1 (external)
- A VM instance of a resource in the Azure environment
This section describes configuring an Azure SDN connector to connect the FortiGate to connect to the Azure backend. This allows easy reference of dynamic Azure objects when creating FortiOS firewall policies. If the FortiGate is a virtual device in one of those environments, it is likely to be the only connector configured.