Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiManager 7.0.5 Administration Guide
    7.0.5
    7.6.1
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.6
    6.2.5
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.11
    5.6.10
    5.6.9
    5.6.8
    5.6.7
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.4.7
    5.4.6
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.2.10
    5.2.7
    5.2.6
    5.2.4
    5.2.3
    5.2.2
    5.2.1
    5.2.0
    5.0.12
    5.0.11
    5.0.10
    5.0.9
    5.0.8
    5.0.7
    5.0.6
    5.0.5
    5.0.4
    5.0.3
    5.0.2
    4.3.8
    4.3.7
    4.3.6
    4.3.5
    4.3.4
    4.3.3
    4.3.2
    4.3.1
    4.3.0
    4.2.9
    4.2.8
    4.2.7
    4.2.6
    4.2.5
    4.2.4
    4.2.3
    4.2.2
    4.2.1
    4.2.0
    4.1.0
    4.0.3
    4.0.2
    4.0.1
    4.0.0

    Verifying devices with private data encryption enabled

    Verifying devices with private data encryption enabled

    FortiManager supports the private data encryption settings on FortiOS. FortiGates with the private-data-encryption setting enabled can be managed by FortiManager.

    When a FortiGate with the private-data-encryption setting enabled is added to FortiManager, FortiManager requires the FortiGate encryption key to be entered in FortiManager to successfully install device configuration settings and manage the added FortiGate. To know more about adding devices to FortiManager, see Add devices.

    To verify an added FortiGate with its encryption key on FortiManager:
    1. Go to Device Manager > Device & Groups. The Device Manager prompts with a Warning dialog that requires the FortiGate encryption key to be entered:

    2. Enter the correct encryption key into the Private Data Encryption Key field for each of the listed FortiGates. The Warning dialog lists all the FortiGates for which the respective encryption keys are required.

    3. Click Verify. If the encryption key matches, the device is verified.

      If the encryption key does not match, the verification fails, and you may try again with the correct key.

    Once the added FortiGates are verified, you may start managing the added devices.

    Every time you try to install configuration settings to the managed FortiGates, FortiManager checks if the FortiGate encryption is correct. If the encryption key is incorrect, the added device is disabled for installation.

    You may verify devices again from the Device Manager by entering the correct encryption keys for the disabled FortiGates.

    Note

    FortiManager does not support enabling or disabling the private-data-encryption setting on FortiOS. It must be done on the managed FortiGate. To learn more about it, see the FortiOS Administration Guide on the Docs Library.

    If the private-data-encryption setting is enabled on an already managed FortiGate, you may need to manually retrieve device configuration settings again on FortiManager.
    Previous
    Next

    Verifying devices with private data encryption enabled

    Verifying devices with private data encryption enabled

    FortiManager supports the private data encryption settings on FortiOS. FortiGates with the private-data-encryption setting enabled can be managed by FortiManager.

    When a FortiGate with the private-data-encryption setting enabled is added to FortiManager, FortiManager requires the FortiGate encryption key to be entered in FortiManager to successfully install device configuration settings and manage the added FortiGate. To know more about adding devices to FortiManager, see Add devices.

    To verify an added FortiGate with its encryption key on FortiManager:
    1. Go to Device Manager > Device & Groups. The Device Manager prompts with a Warning dialog that requires the FortiGate encryption key to be entered:

    2. Enter the correct encryption key into the Private Data Encryption Key field for each of the listed FortiGates. The Warning dialog lists all the FortiGates for which the respective encryption keys are required.

    3. Click Verify. If the encryption key matches, the device is verified.

      If the encryption key does not match, the verification fails, and you may try again with the correct key.

    Once the added FortiGates are verified, you may start managing the added devices.

    Every time you try to install configuration settings to the managed FortiGates, FortiManager checks if the FortiGate encryption is correct. If the encryption key is incorrect, the added device is disabled for installation.

    You may verify devices again from the Device Manager by entering the correct encryption keys for the disabled FortiGates.

    Note

    FortiManager does not support enabling or disabling the private-data-encryption setting on FortiOS. It must be done on the managed FortiGate. To learn more about it, see the FortiOS Administration Guide on the Docs Library.

    If the private-data-encryption setting is enabled on an already managed FortiGate, you may need to manually retrieve device configuration settings again on FortiManager.
    Previous
    Next