Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • GCP Administration Guide

    Home FortiGate Public Cloud 6.4.0 GCP Administration Guide
    6.4.0
    7.6.0
    7.4.0
    7.2.0
    7.0.0
    6.4.0
    6.2.0

    Initial deployment

    Initially deploying the FortiGate-VM

    To perform initial deployment of the FortiGate-VM:
    1. In the Google Cloud marketplace Cloud Launcher, find FortiGate Next-Generation Firewall. Select bring-your-own-license or pay-as-you-go according to your needs.
    2. Click LAUNCH.
    3. Configure the variables as required:

      See Deployment variables for descriptions of the deployment variables:

    4. Add more networks and network interfaces if desired:
      1. Under Network interfaces, click ADD NETWORK INTERFACE.
      2. Select the desired network and subnetwork, then click DONE.

      Note

      In this example, the HA-Sync and HA-Mgmt networks were added to NIC 3 and NIC 4 respectively to illustrate the support of multiple networks. If you are not configuring high availability, you can select other networks for any NIC on the FortiGate deployment.
      Note

      Google Cloud instances support a maximum of eight interfaces, based on the selected VM type.
    5. Click Deploy. When deployment is done, the following screen appears.

    Deployment variables

    Deployment name

    Enter the FortiGate-VM name to appear in the Compute Engine portal.

    Zone

    Choose the zone to deploy the FortiGate to.

    Machine type

    Choose the instance type required.

    Boot disk type

    Choose the desired boot disk type.

    Boot disk size in GB

    Leave as-is at 10 GB.

    Network

    Select the network located in the selected zone.

    Subnetwork

    Select the subnetwork where the FortiGate resides.

    Firewall

    Leave all selected as shown, or allow at least HTTPS if the strictest security is allowed in your network as the first setup. Change firewall settings as needed later on.

    These are the open ports allowed in Google Cloud to protect incoming access to the FortiGate instance over the Internet and are not part of FortiGate firewall features.

    External IP

    Select Ephemeral. You must access the FortiOS GUI via this public IP address.

    Enable log disk

    Enable the log disk.

    Log disk type

    Select the desired log disk type.

    Log disk size in GB

    Select the desired log disk size or leave as-is at 30 GB.

    Delete log disk when instance is deleted

    If enabled, the log disk is removed once you delete the FortiGate-VM instance. To retain the log disk after FortiGate-VM instance deletion, leave this disabled.

    Image Version

    Select the FortiGate version. The latest version is the default.
    Previous
    Next

    Initial deployment

    Initially deploying the FortiGate-VM

    To perform initial deployment of the FortiGate-VM:
    1. In the Google Cloud marketplace Cloud Launcher, find FortiGate Next-Generation Firewall. Select bring-your-own-license or pay-as-you-go according to your needs.
    2. Click LAUNCH.
    3. Configure the variables as required:

      See Deployment variables for descriptions of the deployment variables:

    4. Add more networks and network interfaces if desired:
      1. Under Network interfaces, click ADD NETWORK INTERFACE.
      2. Select the desired network and subnetwork, then click DONE.

      Note

      In this example, the HA-Sync and HA-Mgmt networks were added to NIC 3 and NIC 4 respectively to illustrate the support of multiple networks. If you are not configuring high availability, you can select other networks for any NIC on the FortiGate deployment.
      Note

      Google Cloud instances support a maximum of eight interfaces, based on the selected VM type.
    5. Click Deploy. When deployment is done, the following screen appears.

    Deployment variables

    Deployment name

    Enter the FortiGate-VM name to appear in the Compute Engine portal.

    Zone

    Choose the zone to deploy the FortiGate to.

    Machine type

    Choose the instance type required.

    Boot disk type

    Choose the desired boot disk type.

    Boot disk size in GB

    Leave as-is at 10 GB.

    Network

    Select the network located in the selected zone.

    Subnetwork

    Select the subnetwork where the FortiGate resides.

    Firewall

    Leave all selected as shown, or allow at least HTTPS if the strictest security is allowed in your network as the first setup. Change firewall settings as needed later on.

    These are the open ports allowed in Google Cloud to protect incoming access to the FortiGate instance over the Internet and are not part of FortiGate firewall features.

    External IP

    Select Ephemeral. You must access the FortiOS GUI via this public IP address.

    Enable log disk

    Enable the log disk.

    Log disk type

    Select the desired log disk type.

    Log disk size in GB

    Select the desired log disk size or leave as-is at 30 GB.

    Delete log disk when instance is deleted

    If enabled, the log disk is removed once you delete the FortiGate-VM instance. To retain the log disk after FortiGate-VM instance deletion, leave this disabled.

    Image Version

    Select the FortiGate version. The latest version is the default.
    Previous
    Next