Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • User Guide

    25.2.0
    25.2.0

    Multi-region support

    Multi-region support

    Overview

    Multi-region support provides the ability to specify the geographic location where your data is stored, ensuring compliance to local data regulations. This feature allows you to decide precisely where your data is handled.

    This article explores the scope of multi-region support, key differences between regions, and outlines the necessary steps that you must follow to configure your environment.

    Data residency

    Data residency refers to the physical or geographical location where an organization’s data is stored. Under data privacy laws like the GDPR, organizations may be required to store certain data within the country or region where it is collected.

    Data residency vs. monitoring location

    While data residency refers to the physical or geographical location where data is stored, monitoring location is the geographical area from which monitoring activities are conducted. Even if a user selects a specific region, they will still have access to all monitoring locations within FortiMonitor’s global monitoring network.

    Installing Agents, OnSights, and NetFlow appliances in a Multi-Region setup

    During Agent, OnSight, or NetFlow appliance installation, you will find the proper region to use. The appliances will register and subsequently communicate directly with that region.

    Always use the installer command line provided in the control panel for your specific region. This command line is tailored to include the necessary region reference.

    Using an incorrect installer command line may result in the appliance failing to register with the correct region, leading to potential configuration issues and communication failures.

    Regions

    The following table describes the key differences between the two available regions.

    Region

    Aggregator URL

    Data storage location

    United States

    rx.us01.fortimonitor.com

    GCP US central region

    Europe

    rx.eu01.fortimonitor.com

    GCP Frankfurt region

    Note: Configuration, alerting, reporting, and user interfaces are strictly separated by region. Unless there’s a compelling reason to use multiple regions, it is generally more efficient to stick to a single region.

    Requirements

    User access

    As users are added in FortiCloud and granted access to FortiMonitor, they will be subsequently created in each of the FortiMonitor regions your account is using. Each user will be created with no ACL roles. These must be granted by an administrator before the new user account can be used.

    Users can have different ACL roles in different regions, meaning they don’t need to have the same level of access across all regions. Administrators have the flexibility to set local ACL settings to No Access in regions they prefer the user not to access, although the user’s account will still appear in those regions.

    Selecting a region

    1. Log in or create a FortiCloud account. To create a FortiCloud account, Creating a FortiCloud account.

    2. After creating a FortiCloud account, go back to the main FortiCloud page.

    3. Click FortiMonitor from the FortiCloud Services menu.

    4. New users are presented with the region selection screen. Select a region.

    5. After selecting a region, a user with the Administrator role will automatically be created for you on the selected region. You can now access FortiMonitor on your selected region.

    Adding a user

    Add a user using FortiMonitor

    Follow the steps detailed in this article Add users using FortiMonitor. Note that users created using this method will only exist in the region where they were created.

    Add a user using FortiCloud

    1. Create a FortiCloud user by following the steps detailed in this page .

    2. After creating a FortiCloud user, go back to the main FortiCloud page.

    3. Go back to FortiMonitor by clicking FortiMonitor from the FortiCloud Services menu.

    4. From the FortiMonitor control panel, go to Teams & Activity > Users, Groups & On-Call.

    5. Click the Sync Fortinet Users button. This will add the created users to FortiMonitor.
      Note: A discovery process is ran nightly to sync users created in FortiCloud to FortiMonitor. Use the Sync Fortinet Users button if you want to sync the created users immediately.

    6. Users created in FortiCloud will have the No Access ACL role enabled by default. An Administrator must set the permissions in FortiMonitor. For more information, see Access control.

    Previous
    Next

    Multi-region support

    Multi-region support

    Overview

    Multi-region support provides the ability to specify the geographic location where your data is stored, ensuring compliance to local data regulations. This feature allows you to decide precisely where your data is handled.

    This article explores the scope of multi-region support, key differences between regions, and outlines the necessary steps that you must follow to configure your environment.

    Data residency

    Data residency refers to the physical or geographical location where an organization’s data is stored. Under data privacy laws like the GDPR, organizations may be required to store certain data within the country or region where it is collected.

    Data residency vs. monitoring location

    While data residency refers to the physical or geographical location where data is stored, monitoring location is the geographical area from which monitoring activities are conducted. Even if a user selects a specific region, they will still have access to all monitoring locations within FortiMonitor’s global monitoring network.

    Installing Agents, OnSights, and NetFlow appliances in a Multi-Region setup

    During Agent, OnSight, or NetFlow appliance installation, you will find the proper region to use. The appliances will register and subsequently communicate directly with that region.

    Always use the installer command line provided in the control panel for your specific region. This command line is tailored to include the necessary region reference.

    Using an incorrect installer command line may result in the appliance failing to register with the correct region, leading to potential configuration issues and communication failures.

    Regions

    The following table describes the key differences between the two available regions.

    Region

    Aggregator URL

    Data storage location

    United States

    rx.us01.fortimonitor.com

    GCP US central region

    Europe

    rx.eu01.fortimonitor.com

    GCP Frankfurt region

    Note: Configuration, alerting, reporting, and user interfaces are strictly separated by region. Unless there’s a compelling reason to use multiple regions, it is generally more efficient to stick to a single region.

    Requirements

    User access

    As users are added in FortiCloud and granted access to FortiMonitor, they will be subsequently created in each of the FortiMonitor regions your account is using. Each user will be created with no ACL roles. These must be granted by an administrator before the new user account can be used.

    Users can have different ACL roles in different regions, meaning they don’t need to have the same level of access across all regions. Administrators have the flexibility to set local ACL settings to No Access in regions they prefer the user not to access, although the user’s account will still appear in those regions.

    Selecting a region

    1. Log in or create a FortiCloud account. To create a FortiCloud account, Creating a FortiCloud account.

    2. After creating a FortiCloud account, go back to the main FortiCloud page.

    3. Click FortiMonitor from the FortiCloud Services menu.

    4. New users are presented with the region selection screen. Select a region.

    5. After selecting a region, a user with the Administrator role will automatically be created for you on the selected region. You can now access FortiMonitor on your selected region.

    Adding a user

    Add a user using FortiMonitor

    Follow the steps detailed in this article Add users using FortiMonitor. Note that users created using this method will only exist in the region where they were created.

    Add a user using FortiCloud

    1. Create a FortiCloud user by following the steps detailed in this page .

    2. After creating a FortiCloud user, go back to the main FortiCloud page.

    3. Go back to FortiMonitor by clicking FortiMonitor from the FortiCloud Services menu.

    4. From the FortiMonitor control panel, go to Teams & Activity > Users, Groups & On-Call.

    5. Click the Sync Fortinet Users button. This will add the created users to FortiMonitor.
      Note: A discovery process is ran nightly to sync users created in FortiCloud to FortiMonitor. Use the Sync Fortinet Users button if you want to sync the created users immediately.

    6. Users created in FortiCloud will have the No Access ACL role enabled by default. An Administrator must set the permissions in FortiMonitor. For more information, see Access control.

    Previous
    Next