Fortinet black logo

Administration Guide

Home FortiPolicy 7.2.4 Administration Guide
7.2.4
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0

Security Fabric

Security Fabric

Connecting FortiPolicy to your Security Fabric automatically loads data on all the fabric’s workloads into FortiPolicy. This can be confirmed on the Insights > Workloads dashboard and the Insights > Maps view.

The Configuration > Security Fabric page allows you to edit your current Security Fabric settings or replace your current settings with a new Security Fabric.

Editing your current Security Fabric settings

  1. Go to Configuration > Security Fabric.

  2. Click Edit current security fabric settings.

  3. Make any necessary changes.

  4. Click UPDATE.

Replacing your Security Fabric

Each FortiPolicy installation is licensed to analyze one Security Fabric. If you are removing FortiPolicy from one Security Fabric to analyze another Security Fabric, you need to remove the FortiPolicy configurations from the first Security Fabric. If you have completed the Action Steps in Workspace > Applications, do the following before replacing your Security Fabric with a different one:

  1. Go to Workspace > Applications.

  2. In the Action Steps panel, click Revert in Step 5: Security to stop enforcing the policy rules.

  3. Click Revert in Step 3: Microsegment to remove segmentation and microsegmentation.

  4. Click EDIT SETUP in Step 1: Discover Connections.

  5. Click Advanced Settings.

  6. Click DELETE ALL to delete all applications and policy rules.

  7. Click PURGE DATA to delete connection data, proposed applications, and policy rules.

  8. Click CLOSE to leave the Advanced Settings dialog.

  9. Click SAVE and CLOSE to leave the Setup Policy Generation wizard.

  10. Go to Configuration > Data Planes.

  11. Click the vertical ellipsis menu and select Delete for each data plane.

To replace the Security Fabric:

  1. Go to Configuration > Security Fabric.

  2. Click Replace with new security fabric.

  3. In the Serial Number field, enter the serial number for the new root FortiGate device.

    The FortiGate serial number is displayed in the System Information widget on the Dashboard > Status page of your FortiGate device.

  4. In the IP Address field, enter the IP address of the new root FortiGate device.
  5. By default, the Port field is set to 8013.
  6. In the Assign FortiPolicy ACL Policy dropdown list, select a customized ACL policy or select Default ACL Policy if you have not created your own ACL policy.
  7. Click UPDATE.
Tooltip

After replacing the Security Fabric, you need to authorize FortiPolicy on the root FortiGate device and create a data plane for every FortiGate device that you want to protect.
Previous
Next

Security Fabric

Connecting FortiPolicy to your Security Fabric automatically loads data on all the fabric’s workloads into FortiPolicy. This can be confirmed on the Insights > Workloads dashboard and the Insights > Maps view.

The Configuration > Security Fabric page allows you to edit your current Security Fabric settings or replace your current settings with a new Security Fabric.

Editing your current Security Fabric settings

  1. Go to Configuration > Security Fabric.

  2. Click Edit current security fabric settings.

  3. Make any necessary changes.

  4. Click UPDATE.

Replacing your Security Fabric

Each FortiPolicy installation is licensed to analyze one Security Fabric. If you are removing FortiPolicy from one Security Fabric to analyze another Security Fabric, you need to remove the FortiPolicy configurations from the first Security Fabric. If you have completed the Action Steps in Workspace > Applications, do the following before replacing your Security Fabric with a different one:

  1. Go to Workspace > Applications.

  2. In the Action Steps panel, click Revert in Step 5: Security to stop enforcing the policy rules.

  3. Click Revert in Step 3: Microsegment to remove segmentation and microsegmentation.

  4. Click EDIT SETUP in Step 1: Discover Connections.

  5. Click Advanced Settings.

  6. Click DELETE ALL to delete all applications and policy rules.

  7. Click PURGE DATA to delete connection data, proposed applications, and policy rules.

  8. Click CLOSE to leave the Advanced Settings dialog.

  9. Click SAVE and CLOSE to leave the Setup Policy Generation wizard.

  10. Go to Configuration > Data Planes.

  11. Click the vertical ellipsis menu and select Delete for each data plane.

To replace the Security Fabric:

  1. Go to Configuration > Security Fabric.

  2. Click Replace with new security fabric.

  3. In the Serial Number field, enter the serial number for the new root FortiGate device.

    The FortiGate serial number is displayed in the System Information widget on the Dashboard > Status page of your FortiGate device.

  4. In the IP Address field, enter the IP address of the new root FortiGate device.
  5. By default, the Port field is set to 8013.
  6. In the Assign FortiPolicy ACL Policy dropdown list, select a customized ACL policy or select Default ACL Policy if you have not created your own ACL policy.
  7. Click UPDATE.
Tooltip

After replacing the Security Fabric, you need to authorize FortiPolicy on the root FortiGate device and create a data plane for every FortiGate device that you want to protect.
Previous
Next