Each ADOM is associated with a specific firmware version, based on the firmware version of the devices that are in that ADOM. This version is selected when creating a new ADOM. See Creating ADOMs.
ADOM version N can manage devices with firmware version N. For example, ADOM version 6.0 can manage devices with firmware version 6.0.
When upgrading firmware for managed devices, ADOM version N can tolerate to manage devices with firmware version N+1. For example, ADOM version 5.6 can manage devices with firmware 5.6 and 6.0. This allows you to continue to manage an ADOM as normal while upgrading the devices within that ADOM. You can only update the ADOM version from N to N+1 after all of the devices within the ADOM have been updated to firmware version N+1.
When adding a new FortiGate unit to an ADOM, the FortiGate unit should have the same FortiOS version as the ADOM.
This feature can be used to facilitate upgrading to new firmware.
Importing policies from devices running higher versions than the ADOM is not supported. Installation to devices running higher versions is supported.
FortiManager 5.6 supports FortiOS 5.2, 5.4, and 5.6 ADOMs. For a complete list of supported devices and firmware versions, see the FortiManager Release Notes.
The general steps for upgrading an ADOM containing multiple devices running FortiOS 5.4 from 5.4 to 5.6 are as follows:
- In the ADOM, upgrade one of the FortiGate units to FortiOS 5.6, and then resynchronize the device. See Firmware for more information.
All of the ADOM objects, including Policy Packages, remain as 5.4 objects.
- Upgrade the rest of the FortiGate units in the ADOM to FortiOS 5.6.
- Upgrade the ADOM to 5.6. See Upgrading an ADOM for more information.
All of the database objects will be converted to 5.6 format, and the GUI content for the ADOM will change to reflect 5.6 features and behavior.
An ADOM can only be upgraded after all the devices within the ADOM have been upgraded.