Fortinet black logo

Administration Guide

Home FortiManager 7.2.1 Administration Guide

Create a new hyperscale policy

7.2.1
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.6
6.2.5
6.2.3
6.2.2
6.2.1
6.2.0
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.10
5.2.7
5.2.6
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.0.12
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3
5.0.2
4.3.8
4.3.7
4.3.6
4.3.5
4.3.4
4.3.3
4.3.2
4.3.1
4.3.0
4.2.9
4.2.8
4.2.7
4.2.6
4.2.5
4.2.4
4.2.3
4.2.2
4.2.1
4.2.0
4.1.0
4.0.3
4.0.2
4.0.1
4.0.0
Copy Link
Copy Doc ID 04f80bb3-e03c-11ec-bb32-fa163e15d75b:707922
Download PDF

Create a new hyperscale policy

In FortiManager, you can create hyperscale policies by configuring the policy package's policy offload level to Full Offload and enabling the policy types in the Display Options. For more information on hyperscale firewalls, see the FortiOS Hyperscale Firewall Guide.

Hyperscale policies are only available on limited FortiGates with a hyperscale firewall license.

Hyperscale policies must be enabled before they can be used. On the Policy & Objects pane, from the Tools menu, select Display Options and then select the hyperscale policy checkboxes to display these options, if available.

To use hyperscale policies in a policy package:
  1. Go to Policy & Objects in supported a ADOM version on FortiManager.
  2. Create a new policy package, or right click an existing policy package from the tree menu, and select Edit.
  3. Under the Policy Offload Level option, select Full Offload, and click OK.
    Hyperscale policy types enabled in Display Options are now available in the policy package.
To configure a hyperscale policy:
  1. If using ADOMs, ensure that you are in the correct ADOM.
  2. Go to Policy & Objects > Policy Packages.
  3. In the tree menu for the policy package click the selected hyperscale policy.
  4. Click Create New.
  5. Enter the following information:

    Option

    Description

    NameEnter a unique name for the policy. Each policy must have a unique name.
    Incoming InterfaceClick the field then select interfaces.Click the remove icon to remove interfaces.
    Outgoing InterfaceSelect outgoing interfaces in the same manner as Incoming Interface.

    Source Address

    Select source addresses, address groups, virtual IPs, and virtual IP groups.

    Destination Address

    Select destination addresses, address groups, virtual IPs, and virtual IP groups.

    Service

    Select services and service groups.

    Action

    Select an action for the policy to take: DENY or ACCEPT.

    Comments

    Add a description of the policy, such as its purpose, or the changes that have been made to it.

    Advanced Options

    Expand to view and configure advanced options for the policy.

    Change Note

    		Add a description of the changes being made to the policy. This field is required.
    Note

    When configuring a Hyperscale Policy, there are fields to define IPv4 and IPv6 source addresses and destination addresses.

  6. Click OK to create the policy. You can select to enable or disable the policy in the right-click menu. When disabled, a disabled icon will be displayed in the Seq.# column to the left of the number. By default, policies will be added to the bottom of the list, but above the implicit policy.
Previous
Next

Create a new hyperscale policy

In FortiManager, you can create hyperscale policies by configuring the policy package's policy offload level to Full Offload and enabling the policy types in the Display Options. For more information on hyperscale firewalls, see the FortiOS Hyperscale Firewall Guide.

Hyperscale policies are only available on limited FortiGates with a hyperscale firewall license.

Hyperscale policies must be enabled before they can be used. On the Policy & Objects pane, from the Tools menu, select Display Options and then select the hyperscale policy checkboxes to display these options, if available.

To use hyperscale policies in a policy package:
  1. Go to Policy & Objects in supported a ADOM version on FortiManager.
  2. Create a new policy package, or right click an existing policy package from the tree menu, and select Edit.
  3. Under the Policy Offload Level option, select Full Offload, and click OK.
    Hyperscale policy types enabled in Display Options are now available in the policy package.
To configure a hyperscale policy:
  1. If using ADOMs, ensure that you are in the correct ADOM.
  2. Go to Policy & Objects > Policy Packages.
  3. In the tree menu for the policy package click the selected hyperscale policy.
  4. Click Create New.
  5. Enter the following information:

    Option

    Description

    NameEnter a unique name for the policy. Each policy must have a unique name.
    Incoming InterfaceClick the field then select interfaces.Click the remove icon to remove interfaces.
    Outgoing InterfaceSelect outgoing interfaces in the same manner as Incoming Interface.

    Source Address

    Select source addresses, address groups, virtual IPs, and virtual IP groups.

    Destination Address

    Select destination addresses, address groups, virtual IPs, and virtual IP groups.

    Service

    Select services and service groups.

    Action

    Select an action for the policy to take: DENY or ACCEPT.

    Comments

    Add a description of the policy, such as its purpose, or the changes that have been made to it.

    Advanced Options

    Expand to view and configure advanced options for the policy.

    Change Note

    		Add a description of the changes being made to the policy. This field is required.
    Note

    When configuring a Hyperscale Policy, there are fields to define IPv4 and IPv6 source addresses and destination addresses.

  6. Click OK to create the policy. You can select to enable or disable the policy in the right-click menu. When disabled, a disabled icon will be displayed in the Seq.# column to the left of the number. By default, policies will be added to the bottom of the list, but above the implicit policy.
Previous
Next