Fortinet black logo

Deployment Guide

Home FortiSOAR Cloud 7.3.1 Deployment Guide

Deploying FortiSOAR Cloud

7.3.1
7.5.0
7.4.3
7.4.2
7.4.1
7.4.0
7.3.1
7.3.0
7.2.1
7.2.0
7.0.2
7.0.1
7.0.0
Copy Link
Copy Doc ID 9ff55a42-9592-11ed-8e6d-fa163e15d75b:8572
Download PDF

Deploying FortiSOAR Cloud

This section explains how to deploy FortiSOAR Cloud.

To deploy FortiSOAR Cloud:

  1. In the FortiCloud portal, ensure that you have a product entitlement for FortiSOAR Cloud, and note your account ID number:
    FortiSOAR Cloud Entitlement in FortiCLoud Portal
    Note

    After creating a FortiCloud account, wait for 30 minutes before moving to the next step.

  2. On FortiCare portal, click the FortiSOAR icon in the upper-left corner to access the FortiSOAR Cloud instance.
    FortiSOAR Instance in the FortiCare portal
  3. Once you log onto FortiSOAR Cloud, you require to select your region for FortiSOAR Cloud:
    FortiSOAR Cloud first page
  4. Once you select the region and expand the option, select the account which includes the FortiSOAR entitlement to open the menu drawer, then click Provision Instance.
    Provisioning the FortiSOAR instance
    The Account ID on the FortiSOAR portal represents the dedicated instance. Clicking Provision Instance displays the following confirmation dialog:
    Confirmation Dialog for provisioning FSR Cloud
    Clicking Yes starts the provisioning of the FortiSOAR Cloud instance, which gets provisioned in a few minutes.
    During provisioning FortiSOAR Cloud performs certain initial configuration steps that are required for FortiSOAR. Initial configuration steps include running the automated non-interactive FortiSOAR configuration wizard, enabling the embedded Secure Message Exchange, triggering the heartbeat between FortiCloud and FortiSOAR etc.
    Note

    FortiSOAR VM provisioning is considered successful only after FortiCloud receives the first heartbeat from FortiSOAR.


    If there are any provisioning failures, such as failures while FortiSOAR Cloud is performing initial configuration phase, using the automated non-interactive FortiSOAR configuration wizard, or failures while enabling the embedded Secure Message Exchange, then appropriate error messages are displayed on the FortiSOAR Cloud UI making it easier to understand the cause of the error , as shown in the following sample image:
    FortiSOAR Cloud provisioning errors
  5. Once provisioned, click Enter to access the FortiSOAR web GUI or select SSH to access the FortiSOAR console to begin using FortiSOAR Cloud. For more information, see the Beginning with FortiSOAR Cloud chapter.
    FortiSOAR Cloud VM Page
    Important: Once the VM is provisioned successfully, you must update the correct hostname value in the "Server_fqhn" global variable. You can update Server_fqhn using by opening the playbook designer and clicking Tools > Global Variables. In the 'Global Variables' list, click the edit icon beside Server_fqhn and in the Field Value field replace the current hostname value with fortisoar.localhost. The hostname will be <forticare_accountId>.fortisoar.forticloud.com.
Note

Only the primary account holder can create secondary account holders in FortiCloud. The secondary account holder can log in to the same instance as a restricted user. The primary account holder can modify the admin profile for the secondary user. For more information see the Adding a secondary account chapter.

Troubleshooting

Uniqueness error while adding a tenant in an MSSP setup using the Secure Message Exchange

The embedded Secure Message Exchange (SME) that is enabled by default in the case of FortiSOAR Cloud, throws the uniqueness error only when the tenant and master are in the same Cloud region.

Resolution

Before you configure your MSSP setup, ensure that you update the name of the SME on either the master node or the tenant node.

Previous
Next

Deploying FortiSOAR Cloud

This section explains how to deploy FortiSOAR Cloud.

To deploy FortiSOAR Cloud:

  1. In the FortiCloud portal, ensure that you have a product entitlement for FortiSOAR Cloud, and note your account ID number:
    FortiSOAR Cloud Entitlement in FortiCLoud Portal
    Note

    After creating a FortiCloud account, wait for 30 minutes before moving to the next step.

  2. On FortiCare portal, click the FortiSOAR icon in the upper-left corner to access the FortiSOAR Cloud instance.
    FortiSOAR Instance in the FortiCare portal
  3. Once you log onto FortiSOAR Cloud, you require to select your region for FortiSOAR Cloud:
    FortiSOAR Cloud first page
  4. Once you select the region and expand the option, select the account which includes the FortiSOAR entitlement to open the menu drawer, then click Provision Instance.
    Provisioning the FortiSOAR instance
    The Account ID on the FortiSOAR portal represents the dedicated instance. Clicking Provision Instance displays the following confirmation dialog:
    Confirmation Dialog for provisioning FSR Cloud
    Clicking Yes starts the provisioning of the FortiSOAR Cloud instance, which gets provisioned in a few minutes.
    During provisioning FortiSOAR Cloud performs certain initial configuration steps that are required for FortiSOAR. Initial configuration steps include running the automated non-interactive FortiSOAR configuration wizard, enabling the embedded Secure Message Exchange, triggering the heartbeat between FortiCloud and FortiSOAR etc.
    Note

    FortiSOAR VM provisioning is considered successful only after FortiCloud receives the first heartbeat from FortiSOAR.


    If there are any provisioning failures, such as failures while FortiSOAR Cloud is performing initial configuration phase, using the automated non-interactive FortiSOAR configuration wizard, or failures while enabling the embedded Secure Message Exchange, then appropriate error messages are displayed on the FortiSOAR Cloud UI making it easier to understand the cause of the error , as shown in the following sample image:
    FortiSOAR Cloud provisioning errors
  5. Once provisioned, click Enter to access the FortiSOAR web GUI or select SSH to access the FortiSOAR console to begin using FortiSOAR Cloud. For more information, see the Beginning with FortiSOAR Cloud chapter.
    FortiSOAR Cloud VM Page
    Important: Once the VM is provisioned successfully, you must update the correct hostname value in the "Server_fqhn" global variable. You can update Server_fqhn using by opening the playbook designer and clicking Tools > Global Variables. In the 'Global Variables' list, click the edit icon beside Server_fqhn and in the Field Value field replace the current hostname value with fortisoar.localhost. The hostname will be <forticare_accountId>.fortisoar.forticloud.com.
Note

Only the primary account holder can create secondary account holders in FortiCloud. The secondary account holder can log in to the same instance as a restricted user. The primary account holder can modify the admin profile for the secondary user. For more information see the Adding a secondary account chapter.

Troubleshooting

Uniqueness error while adding a tenant in an MSSP setup using the Secure Message Exchange

The embedded Secure Message Exchange (SME) that is enabled by default in the case of FortiSOAR Cloud, throws the uniqueness error only when the tenant and master are in the same Cloud region.

Resolution

Before you configure your MSSP setup, ensure that you update the name of the SME on either the master node or the tenant node.

Previous
Next