Fortinet Security Fabric

6.0.0

The Fortinet Security Fabric spans an entire network, linking different security sensors and tools together to collect, coordinate, and respond to malicious behavior in real time. Security Fabric can be used to coordinate the behavior of different Fortinet products in your network, including FortiGate, FortiAnalyzer, FortiClient, FortiSandbox, FortiAP, FortiSwitch, and FortiClient Endpoint Management Server (EMS). Security Fabric supports FortiOS 5.4.1+, FortiSwitchOS 3.3+, and FortiClient 5.4.1+.

FortiGate uses port TCP/8009 for incoming traffic from the FortiClient Portal, as user information (such as IP address, MAC address, avatar, and other profile information) is automatically synchronized to the FortiGate and EMS.

The brief example below assumes that FortiTelemetry has been enabled on the top-level FortiGate (FGT1), that OSPF routing has been configured, and that policies have been created for all FortiGate units to access the Internet.

For more details on how to configure a security fabric between FortiGate units, see Fortinet Security Fabric installation.

Enabling Security Fabric on the FortiGate:

  1. On the upstream FortiGate (FGT1), go to Security Fabric > Settings and enable FortiGate Telemetry.
  2. Enter a Group name and Group password for the fabric.
  3. On a downstream FortiGate (such as FGT2 or FGT3), configure the same fabric settings as were set on FGT1.
  4. Enable Connect to upstream FortiGate.
    Be sure you do not enable this on the topmost-level FortiGate (in this example, FGT1).
  5. In FortiGate IP, enter the FGT1 interface that has FortiTelemetry enabled. The Management IP can be left to use the WAN IP or optionally specified.
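The following is an added example, not Fortinet's code: a small audit of saved configuration excerpts against the steps above (same group name everywhere, no upstream connection on the topmost unit, downstream units pointing at FGT1). It assumes the GUI fields correspond to the `status`, `group-name` and `upstream-ip` settings under `config system csf` and that an unset upstream IP reads as 0.0.0.0; the excerpts, group name and the address 192.0.2.1 are constructed.

```python
import re

# Constructed "config system csf" excerpts (not real device backups).
# 192.0.2.1 stands in for the FGT1 interface with FortiTelemetry enabled.
CONFIGS = {
    "FGT1": 'config system csf\n    set status enable\n'
            '    set group-name "Office-Fabric"\nend\n',
    "FGT2": 'config system csf\n    set status enable\n'
            '    set upstream-ip 192.0.2.1\n    set group-name "Office-Fabric"\nend\n',
    "FGT3": 'config system csf\n    set status enable\n'
            '    set upstream-ip 192.0.2.1\n    set group-name "Office-Fabrc"\nend\n',
}

def parse_csf(text):
    """Return the 'set' key/value pairs inside the config system csf block."""
    block = re.search(r"^config system csf\n(.*?)^end$", text, re.S | re.M)
    if not block:
        return {}
    pairs = re.findall(r"^\s*set (\S+) (.+?)\s*$", block.group(1), re.M)
    return {key: value.strip('"') for key, value in pairs}

def audit_fabric(configs, root, root_ip):
    """Check each unit against the steps above; return a list of findings.

    The group password is not compared here; only the settings listed
    in the lead-in are checked.
    """
    findings = []
    parsed = {name: parse_csf(text) for name, text in configs.items()}
    root_group = parsed[root].get("group-name")
    for name, csf in sorted(parsed.items()):
        if csf.get("status") != "enable":
            findings.append(f"{name}: telemetry (csf status) is not enabled")
        if csf.get("group-name") != root_group:
            findings.append(f"{name}: group name differs from {root}")
        # Assumption: an unset upstream IP is reported as 0.0.0.0.
        upstream = csf.get("upstream-ip", "0.0.0.0")
        if name == root and upstream != "0.0.0.0":
            findings.append(f"{name}: topmost unit must not connect upstream")
        if name != root and upstream != root_ip:
            findings.append(f"{name}: upstream IP is not {root}'s telemetry interface")
    return findings

if __name__ == "__main__":
    for line in audit_fabric(CONFIGS, "FGT1", "192.0.2.1"):
        print(line)
```
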

Once set up, you can view your network's Security Fabric configuration under Security Fabric through two topology dashboards.

  1. On the top-level FortiGate, go to Security Fabric > Physical Topology. This dashboard shows a visualization of all access layer devices in the fabric.
  2. Go to Security Fabric > Logical Topology to view information about the interfaces (logical or physical) that each device in the fabric is connected to.

For other Security Fabric configurations for your network, see Fortinet Security Fabric installation.