Fortinet black logo

Security Fabric connector integration with Azure

Copy Link
Copy Doc ID 871aae25-4f83-11ea-9384-00505692583a:625336
Download PDF

Security Fabric connector integration with Azure

You can use FortiManager to create Fabric connectors for Azure, and then install the Fabric connectors to FortiOS.

The Fabric connectors in FortiManager define the type of connector and include information for FortiOS to communicate with and authenticate with the products. In some cases the FortiGate must communicate with products through the Fabric connector, and in other cases the FortiGate communicates directly with the products.

FortiOS works without the Fabric connector to communicate directly with Azure.

Following is an overview of creating an Azure Fabric connector using FortiManager:

  1. Create an Azure Fabric connector object. See Creating fabric connector objects for Microsoft Azure.
  2. Create dynamic firewall address objects. See Configuring a dynamic firewall address for a Fabric connector.
  3. Import address names from Azure to the Fabric connector. See Importing address names to a Fabric connector. FortiManager imports the address names and converts them to dynamic firewall address objects. The objects do not include IP addresses and display in Firewall Objects > Addresses.
  4. In the policy package where you will create the new policy, create an IPv4 policy and include the dynamic firewall address objects for Azure. See Creating an IP policy.
  5. Install the policy package to FortiOS. See Installing a policy package.

    FortiOS communicates with Azure to dynamically populate the firewall address objects with IP addresses.

Security Fabric connector integration with Azure

You can use FortiManager to create Fabric connectors for Azure, and then install the Fabric connectors to FortiOS.

The Fabric connectors in FortiManager define the type of connector and include information for FortiOS to communicate with and authenticate with the products. In some cases the FortiGate must communicate with products through the Fabric connector, and in other cases the FortiGate communicates directly with the products.

FortiOS works without the Fabric connector to communicate directly with Azure.

Following is an overview of creating an Azure Fabric connector using FortiManager:

  1. Create an Azure Fabric connector object. See Creating fabric connector objects for Microsoft Azure.
  2. Create dynamic firewall address objects. See Configuring a dynamic firewall address for a Fabric connector.
  3. Import address names from Azure to the Fabric connector. See Importing address names to a Fabric connector. FortiManager imports the address names and converts them to dynamic firewall address objects. The objects do not include IP addresses and display in Firewall Objects > Addresses.
  4. In the policy package where you will create the new policy, create an IPv4 policy and include the dynamic firewall address objects for Azure. See Creating an IP policy.
  5. Install the policy package to FortiOS. See Installing a policy package.

    FortiOS communicates with Azure to dynamically populate the firewall address objects with IP addresses.