Upgrading the firmware of managed devices
Each ADOM has a firmware version associated with it. FortiGates must be running firmware in the same maintenance release to be added to the ADOM.
When you upgrade a FortiGate, it is not necessary to move it to a new ADOM, provided that ADOM upgrade is supported to the next FortiOS version level. Instead, you can upgrade the firmware of that FortiGate to the next higher maintenance release. Once all the FortiGates in an ADOM have been upgraded to the new maintenance release, you can upgrade the ADOM itself.
Using the ADOM upgrade option is recommended in most scenarios because it is much simpler than moving the devices to a new ADOM. Moving devices to a new ADOM requires importing policies for each moved device, and the creation of a new policy package in the new ADOM.
You might decide to move upgraded devices to a new ADOM if you are deploying new devices in the field anyway. |