Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiGate / FortiOS 7.0.0 Administration Guide
    7.0.0
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0

    FortiAI

    FortiAI

    FortiAI can be added to the Security Fabric so it appears in the topology views and the dashboard widgets.

    To add FortiAI to the Security Fabric in the GUI:

    1. Enable the Security Fabric and configure the interface to allow other Security Fabric devices to join (see Configuring the root FortiGate and downstream FortiGates).

    2. Install the FortiAI appliance and activate the product with a valid license (see Registering products in the Asset Management Guide). A license file is provided after the product is registered.

    3. In FortiAI, go to System > FortiGuard and verify that the pre-trained models (engines) are up to date. Refer to the FortiGuard website for the latest FortiAI ANN versions.

    4. Configure and authorize the FortiGate in the FortiAI GUI to join the Security Fabric:

      1. Go to Security Fabric > Fabric Connectors and double-click the connector card.

      2. Click the toggle to Enable Security Fabric.

      3. Enter the FortiGate Root IP address and the FortiAI IP address.

      4. Click OK. The FortiAI is now authorized.

    5. Authorize the FortiAI in FortiOS:

      1. Go to Security Fabric > Fabric Connectors and double-click the Security Fabric Setup card.

      2. In the topology tree, click the highlighted FortiAI serial number and select Authorize.

      3. Click Accept to verify the device certificate.

        The Security Fabric widget on the dashboard also updates when the FortiAI is authorized.

    6. Go to Security Fabric > Physical Topology or Security Fabric > Logical Topology to view more information.

    To add FortiAI to the Security Fabric in the CLI:

    1. Configure the interface to allow other Security Fabric devices to join:

      config system interface
    edit "port1"
        ...
        set allowaccess ping https ssh http fgfm fabric
        ...
    next
end

    2. Enable the Security Fabric:

      config system csf
    set status enable
    set group-name "fabric-ai"
end

    3. In FortiAI, configure the device to join the Security Fabric:

      config system csf
    set status enable
    set upstream-ip 10.6.30.14
    set managment-ip 10.6.30.251
end

    4. Authorize the FortiAI in FortiOS:

      config system csf
    set status enable
    set group-name "fabric-ai"
    config trusted-list
        edit "FAIVMSTM21000000"
            set authorization-type certificate
            set certificate "*******************"
        next
    end
end
    Previous
    Next

    More Links

    Security Fabric

    FortiAI

    FortiAI

    FortiAI can be added to the Security Fabric so it appears in the topology views and the dashboard widgets.

    To add FortiAI to the Security Fabric in the GUI:

    1. Enable the Security Fabric and configure the interface to allow other Security Fabric devices to join (see Configuring the root FortiGate and downstream FortiGates).

    2. Install the FortiAI appliance and activate the product with a valid license (see Registering products in the Asset Management Guide). A license file is provided after the product is registered.

    3. In FortiAI, go to System > FortiGuard and verify that the pre-trained models (engines) are up to date. Refer to the FortiGuard website for the latest FortiAI ANN versions.

    4. Configure and authorize the FortiGate in the FortiAI GUI to join the Security Fabric:

      1. Go to Security Fabric > Fabric Connectors and double-click the connector card.

      2. Click the toggle to Enable Security Fabric.

      3. Enter the FortiGate Root IP address and the FortiAI IP address.

      4. Click OK. The FortiAI is now authorized.

    5. Authorize the FortiAI in FortiOS:

      1. Go to Security Fabric > Fabric Connectors and double-click the Security Fabric Setup card.

      2. In the topology tree, click the highlighted FortiAI serial number and select Authorize.

      3. Click Accept to verify the device certificate.

        The Security Fabric widget on the dashboard also updates when the FortiAI is authorized.

    6. Go to Security Fabric > Physical Topology or Security Fabric > Logical Topology to view more information.

    To add FortiAI to the Security Fabric in the CLI:

    1. Configure the interface to allow other Security Fabric devices to join:

      config system interface
    edit "port1"
        ...
        set allowaccess ping https ssh http fgfm fabric
        ...
    next
end

    2. Enable the Security Fabric:

      config system csf
    set status enable
    set group-name "fabric-ai"
end

    3. In FortiAI, configure the device to join the Security Fabric:

      config system csf
    set status enable
    set upstream-ip 10.6.30.14
    set managment-ip 10.6.30.251
end

    4. Authorize the FortiAI in FortiOS:

      config system csf
    set status enable
    set group-name "fabric-ai"
    config trusted-list
        edit "FAIVMSTM21000000"
            set authorization-type certificate
            set certificate "*******************"
        next
    end
end
    Previous
    Next