Support FortiSOAR license update in an air-gapped environment (closed network) 6.4.3
You can now create fabric ADOMs. When you add FortiSOAR devices to FortiManager as unmanaged devices, you can only authorize FortiSOAR devices to fabric ADOMs.
In addition, you can use FortiGuard module in FortiManager in a closed network for license updates to FortiSOAR devices.
This topic contains the following sections:
- Creating ADOMs of type Fabric
- Authorizing FortiSOAR devices
- Updating FortiSOAR licenses in closed networks
Creating ADOMs of type Fabric
You can create ADOMs and select type Fabric. You can then select the ADOM when you authorize unmanaged FortiSOAR devices.
To create ADOMs of type Fabric:
- Ensure that ADOMs are enabled on System Settings > Dashboard.
- Go to System Settings > All ADOMs.
- Click Create New.
The Create New ADOM pane is displayed.
- In the Name box, type a name for the ADOM.
- In the Type list, select Fabric.
- Configure the settings for the new ADOM, and click OK.
The new ADOM displays on the All ADOMs page in the Security Fabric.
Authorizing FortiSOAR devices
When you authorize FortiSOAR devices, you can only add them to ADOMs of type Fabric. Before you authorize FortiSOAR devices, ensure that you enable ADOMs on FortiManager and create an ADOM of type Fabric.
To authorize FortiSOAR devices:
- On FortiSOAR, add the FortiManager IP and configured port as the FortiGuard override server.
FortiSOAR displays in FortiManager as an unauthorized device.
- In FortiManager, select the root ADOM, and go to Device Manager > Device & Groups > Unauthorized Devices.
FortiSOAR displays as an unauthorized device.
- Select the FortiSOAR device, and click Authorize.
The Authorize Device dialog box displays.
- In the Add the following device(s) to ADOM list, select the fabric ADOM, and click OK.
The FortiSOAR device is authorized and displayed in the fabric ADOM.
Updating FortiSOAR licenses in closed networks
You can use FortiManager in a closed network to update licenses for FortiSOAR devices.
Before you can use FortiManager in a closed network to update licenses for FortiSOAR devices, you must perform the following tasks:
-
Add FortiSOAR devices to FortiManager as unmanaged devices, and authorize FortiSOAR devices to a fabric ADOM.
-
Request the entitlement file for FortiSOAR devices from the Fortinet Customer Service & Support site
To update FortiSOAR licenses in closed networks:
- In FortiManager, go to FortiGuard > Settings, and ensure that Enable Communication with FortiGuard Server is toggled OFF.
test
- Under Upload Options for FortiGate/FortiMail, click Upload beside Service License.
Although the option is labeled for FortiGate or FortiMail, you can use this option for other types of devices, such as FortiSOAR.
The Service License Upload dialog box is displayed.
- Drop the account entitlement file on the dialog box, and click OK.
The license information is uploaded.
- Go to Licensing Status to view licensing information for FortiSOAR.