Fortinet white logo
Fortinet white logo

FortiLAN Cloud User Guide

Introduction

Introduction

FortiLAN Cloud is a unified management platform for standalone FortiAP and FortiSwitch deployments. FortiLAN Cloud provides configuration management and monitoring control for a handful of devices and can scale up to thousands of devices across multiple sites.

The following image shows the FortiLAN Cloud overview including the network management system (NMS) and administration communications.

FortiAP

FortiLAN Cloud centralizes the life-cycle management of your standalone FortiAP deployment with a simple, intuitive, and easy-to-use cloud interface that is accessible from anywhere at any time. With FortiLAN Cloud, you can deploy, configure, and manage your FortiAP devices. FortiLAN Cloud also offers enhanced visibility, monitoring, reporting, and analytics features for your FortiAP devices. FortiLAN Cloud also supports the FortiAP-S and FortiAP-U series which combine the elements of universal threat protection (UTP) protection at the network edge.

If you are interested in cloud management of FortiAP devices that are already connected to FortiGate devices, then use FortiGate Cloud, not FortiLAN Cloud.

FortiSwitch

FortiLAN Cloud provides management as a service (MaaS) for secure switching infrastructure deployed with FortiSwitch devices. It provides a centralized discovery, visibility, and configuration management solution without the need of on-premise hardware, software, or management overhead. FortiLAN Cloud manages FortiSwitch devices in standalone mode.

REST API

REST (REpresentational State Transfer) is a modern, scalable (but not high performance) client-server based RPC technique using existing HTTP protocol methods (such as GET, POST, PUT, DELETE) on server resources (identified by URLs) and transferring the resources in either XML / JSON / HTML representation. FortiLAN Cloud REST API provides functions similar to its GUI functions, both configuration and monitoring are supported over REST API. The FortiLAN Cloud REST APIs are integrated with FortiCloud IAM users, you can use REST APIs as a local user or an IAM user.

FortiLAN Cloud SKUs

Subscription SKU

Description

FC-10-90AP1-639-02-DD

FortiLAN Cloud FAP (FAP/FAP-U/FAP-C) advanced management license includes:

  • Advanced AP management features (where applicable for model)
  • One year log retention
  • 24x7 FortiCare

FC-10-90APS-639-02-DD

FortiLAN Cloud FAP-S advanced management license includes:

  • FortiGuard subscription services
  • Advanced AP management features
  • One year log retention
  • 24x7 FortiCare

FC-10-90APU-443-02-DD

FortiAP-U Series FortiGuard UTP subscription service license. Applicable to FortiGate or FortiLAN Cloud managed F-series or later FortiAP-U family access points.

FCLE-10-FCLD0-161-02-DD

One year FortiGate Cloud or FortiLAN Cloud Multi Tenancy service for a Managed Service Provider (MSP) to create and manage multiple sub-accounts.

FC-10-FSW00-628-02-DD

FortiSwitch 100 series (no rugged models) one year management license including 24x7 FortiCare .

FC-10-FSW10-628-02-DD

FortiSwitch 200-400 series (with rugged models) one year management license including 24x7 FortiCare.

FC-10-FSW20-628-02-DD

FortiSwitch 500-900 series one year management license including 24x7 FortiCare.

FC-10-FSW30-628-02-DD

FortiSwitch 1000 series and above one year management license including 24x7 FortiCare.

FC-15-CLDPS-219-02-DD

FortiCloud Premium Account license with access to advanced configuration management for FortiAPs and FortiSwitches including 24x7 FortiCare.

Note

FortiAP-S and F-Series or later FortiAP-U family access points communicate with FortiCare/FortiGuard service to get UTP updates (for AV, IPS engine and database) when its FortiGuard subscription is valid.

Regions

Data centers are located in Canada and Germany for better performance and GDPR compliance for international customers. FortiLAN Cloud includes the Global, Europe, and Japan regions.

Network Port Numbers

The following table lists the network port numbers used by FortiLAN Cloud.

Purpose

Protocol

Port number

Customer UI and API access

HTTPS

TCP/443

FortiAP initial discovery

HTTPS

TCP/443

FortiAP CAPWAP (configuration, event logs, and statistics)

CAPWAP

UDP/5246, UDP/5247

FortiAP UTP logs

TCP/514

FortiAP firmware download

HTTPS

TCP/8443

FortiAP FortiGuard services (FortiAP-S/FortAP-U series)

UDP/53, UDP/8888

FortiAP to FortiPresence

UDP/4013

FortiSwitch

TCP/443, TCP/8443

Introduction

Introduction

FortiLAN Cloud is a unified management platform for standalone FortiAP and FortiSwitch deployments. FortiLAN Cloud provides configuration management and monitoring control for a handful of devices and can scale up to thousands of devices across multiple sites.

The following image shows the FortiLAN Cloud overview including the network management system (NMS) and administration communications.

FortiAP

FortiLAN Cloud centralizes the life-cycle management of your standalone FortiAP deployment with a simple, intuitive, and easy-to-use cloud interface that is accessible from anywhere at any time. With FortiLAN Cloud, you can deploy, configure, and manage your FortiAP devices. FortiLAN Cloud also offers enhanced visibility, monitoring, reporting, and analytics features for your FortiAP devices. FortiLAN Cloud also supports the FortiAP-S and FortiAP-U series which combine the elements of universal threat protection (UTP) protection at the network edge.

If you are interested in cloud management of FortiAP devices that are already connected to FortiGate devices, then use FortiGate Cloud, not FortiLAN Cloud.

FortiSwitch

FortiLAN Cloud provides management as a service (MaaS) for secure switching infrastructure deployed with FortiSwitch devices. It provides a centralized discovery, visibility, and configuration management solution without the need of on-premise hardware, software, or management overhead. FortiLAN Cloud manages FortiSwitch devices in standalone mode.

REST API

REST (REpresentational State Transfer) is a modern, scalable (but not high performance) client-server based RPC technique using existing HTTP protocol methods (such as GET, POST, PUT, DELETE) on server resources (identified by URLs) and transferring the resources in either XML / JSON / HTML representation. FortiLAN Cloud REST API provides functions similar to its GUI functions, both configuration and monitoring are supported over REST API. The FortiLAN Cloud REST APIs are integrated with FortiCloud IAM users, you can use REST APIs as a local user or an IAM user.

FortiLAN Cloud SKUs

Subscription SKU

Description

FC-10-90AP1-639-02-DD

FortiLAN Cloud FAP (FAP/FAP-U/FAP-C) advanced management license includes:

  • Advanced AP management features (where applicable for model)
  • One year log retention
  • 24x7 FortiCare

FC-10-90APS-639-02-DD

FortiLAN Cloud FAP-S advanced management license includes:

  • FortiGuard subscription services
  • Advanced AP management features
  • One year log retention
  • 24x7 FortiCare

FC-10-90APU-443-02-DD

FortiAP-U Series FortiGuard UTP subscription service license. Applicable to FortiGate or FortiLAN Cloud managed F-series or later FortiAP-U family access points.

FCLE-10-FCLD0-161-02-DD

One year FortiGate Cloud or FortiLAN Cloud Multi Tenancy service for a Managed Service Provider (MSP) to create and manage multiple sub-accounts.

FC-10-FSW00-628-02-DD

FortiSwitch 100 series (no rugged models) one year management license including 24x7 FortiCare .

FC-10-FSW10-628-02-DD

FortiSwitch 200-400 series (with rugged models) one year management license including 24x7 FortiCare.

FC-10-FSW20-628-02-DD

FortiSwitch 500-900 series one year management license including 24x7 FortiCare.

FC-10-FSW30-628-02-DD

FortiSwitch 1000 series and above one year management license including 24x7 FortiCare.

FC-15-CLDPS-219-02-DD

FortiCloud Premium Account license with access to advanced configuration management for FortiAPs and FortiSwitches including 24x7 FortiCare.

Note

FortiAP-S and F-Series or later FortiAP-U family access points communicate with FortiCare/FortiGuard service to get UTP updates (for AV, IPS engine and database) when its FortiGuard subscription is valid.

Regions

Data centers are located in Canada and Germany for better performance and GDPR compliance for international customers. FortiLAN Cloud includes the Global, Europe, and Japan regions.

Network Port Numbers

The following table lists the network port numbers used by FortiLAN Cloud.

Purpose

Protocol

Port number

Customer UI and API access

HTTPS

TCP/443

FortiAP initial discovery

HTTPS

TCP/443

FortiAP CAPWAP (configuration, event logs, and statistics)

CAPWAP

UDP/5246, UDP/5247

FortiAP UTP logs

TCP/514

FortiAP firmware download

HTTPS

TCP/8443

FortiAP FortiGuard services (FortiAP-S/FortAP-U series)

UDP/53, UDP/8888

FortiAP to FortiPresence

UDP/4013

FortiSwitch

TCP/443, TCP/8443