Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiManager 7.2.1 Administration Guide
    7.2.1
    7.6.1
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.6
    6.2.5
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.11
    5.6.10
    5.6.9
    5.6.8
    5.6.7
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.4.7
    5.4.6
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.2.10
    5.2.7
    5.2.6
    5.2.4
    5.2.3
    5.2.2
    5.2.1
    5.2.0
    5.0.12
    5.0.11
    5.0.10
    5.0.9
    5.0.8
    5.0.7
    5.0.6
    5.0.5
    5.0.4
    5.0.3
    5.0.2
    4.3.8
    4.3.7
    4.3.6
    4.3.5
    4.3.4
    4.3.3
    4.3.2
    4.3.1
    4.3.0
    4.2.9
    4.2.8
    4.2.7
    4.2.6
    4.2.5
    4.2.4
    4.2.3
    4.2.2
    4.2.1
    4.2.0
    4.1.0
    4.0.3
    4.0.2
    4.0.1
    4.0.0

    Create a new hyperscale policy

    Create a new hyperscale policy

    In FortiManager, you can create hyperscale policies by configuring the policy package's policy offload level to Full Offload and enabling the policy types in the Display Options. For more information on hyperscale firewalls, see the FortiOS Hyperscale Firewall Guide.

    Hyperscale policies are only available on limited FortiGates with a hyperscale firewall license.

    Hyperscale policies must be enabled before they can be used. On the Policy & Objects pane, from the Tools menu, select Display Options and then select the hyperscale policy checkboxes to display these options, if available.

    To use hyperscale policies in a policy package:
    1. Go to Policy & Objects in supported a ADOM version on FortiManager.
    2. Create a new policy package, or right click an existing policy package from the tree menu, and select Edit.
    3. Under the Policy Offload Level option, select Full Offload, and click OK.
      Hyperscale policy types enabled in Display Options are now available in the policy package.
    To configure a hyperscale policy:
    1. If using ADOMs, ensure that you are in the correct ADOM.
    2. Go to Policy & Objects > Policy Packages.
    3. In the tree menu for the policy package click the selected hyperscale policy.
    4. Click Create New.
    5. Enter the following information:

      Option

      Description

      NameEnter a unique name for the policy. Each policy must have a unique name.
      Incoming InterfaceClick the field then select interfaces.Click the remove icon to remove interfaces.
      Outgoing InterfaceSelect outgoing interfaces in the same manner as Incoming Interface.

      Source Address

      Select source addresses, address groups, virtual IPs, and virtual IP groups.

      Destination Address

      Select destination addresses, address groups, virtual IPs, and virtual IP groups.

      Service

      Select services and service groups.

      Action

      Select an action for the policy to take: DENY or ACCEPT.

      Comments

      Add a description of the policy, such as its purpose, or the changes that have been made to it.

      Advanced Options

      Expand to view and configure advanced options for the policy.

      Change Note

      		Add a description of the changes being made to the policy. This field is required.
      Note

      When configuring a Hyperscale Policy, there are fields to define IPv4 and IPv6 source addresses and destination addresses.

    6. Click OK to create the policy. You can select to enable or disable the policy in the right-click menu. When disabled, a disabled icon will be displayed in the Seq.# column to the left of the number. By default, policies will be added to the bottom of the list, but above the implicit policy.
    Previous
    Next

    Create a new hyperscale policy

    Create a new hyperscale policy

    In FortiManager, you can create hyperscale policies by configuring the policy package's policy offload level to Full Offload and enabling the policy types in the Display Options. For more information on hyperscale firewalls, see the FortiOS Hyperscale Firewall Guide.

    Hyperscale policies are only available on limited FortiGates with a hyperscale firewall license.

    Hyperscale policies must be enabled before they can be used. On the Policy & Objects pane, from the Tools menu, select Display Options and then select the hyperscale policy checkboxes to display these options, if available.

    To use hyperscale policies in a policy package:
    1. Go to Policy & Objects in supported a ADOM version on FortiManager.
    2. Create a new policy package, or right click an existing policy package from the tree menu, and select Edit.
    3. Under the Policy Offload Level option, select Full Offload, and click OK.
      Hyperscale policy types enabled in Display Options are now available in the policy package.
    To configure a hyperscale policy:
    1. If using ADOMs, ensure that you are in the correct ADOM.
    2. Go to Policy & Objects > Policy Packages.
    3. In the tree menu for the policy package click the selected hyperscale policy.
    4. Click Create New.
    5. Enter the following information:

      Option

      Description

      NameEnter a unique name for the policy. Each policy must have a unique name.
      Incoming InterfaceClick the field then select interfaces.Click the remove icon to remove interfaces.
      Outgoing InterfaceSelect outgoing interfaces in the same manner as Incoming Interface.

      Source Address

      Select source addresses, address groups, virtual IPs, and virtual IP groups.

      Destination Address

      Select destination addresses, address groups, virtual IPs, and virtual IP groups.

      Service

      Select services and service groups.

      Action

      Select an action for the policy to take: DENY or ACCEPT.

      Comments

      Add a description of the policy, such as its purpose, or the changes that have been made to it.

      Advanced Options

      Expand to view and configure advanced options for the policy.

      Change Note

      		Add a description of the changes being made to the policy. This field is required.
      Note

      When configuring a Hyperscale Policy, there are fields to define IPv4 and IPv6 source addresses and destination addresses.

    6. Click OK to create the policy. You can select to enable or disable the policy in the right-click menu. When disabled, a disabled icon will be displayed in the Seq.# column to the left of the number. By default, policies will be added to the bottom of the list, but above the implicit policy.
    Previous
    Next