Fortinet black logo
Best Practices | Solutions Hub

Security Fabric

Fabric Setup

Quick Start

This section outlines the basic Fabric configurations to get started.

  • Configuring the root FortiGate and downstream FortiGates
  • Configuring FortiAnalyzer
  • Security Fabric Components

Fortinet On-Prem Connectors

This section highlights various On-prem Fortinet products that can be connected to the Fabric

  • Authorizing LAN Edge Devices (FortiAP, FortiSwitch & FortiExtender)
  • Adding Central Management (FortiManager)
  • Adding FortiClient EMS
  • Adding FortiSandbox
  • Adding FortiNAC

Fortinet Cloud Connectors

This section highlights Fortinet Cloud based products and services that can be connected to the Fabric

  • Adding FortiGate Cloud (Logging & Analytics)
  • Adding FortiAnalyzer Cloud (Logging & Analytics)
  • Adding FortiManager Cloud (Central Management)
  • Adding FortiClient EMS Cloud
  • Adding FortiSandbox Cloud

SAML Authentication

Using the Fabric root FortiGate as Identity Provider (IdP), downstream devices can be configured as Service Providers for easy access between Fabric devices

  • Configuring SAML single-sign-on in the Security Fabric
  • Pre-authorizing downstream FortiGates
  • Integrating FortiAnalyzer management using SAML SSO
  • Integrating FortiManager management using SAML SSO

Navigation, Topology and Views

Security Fabric enhances the way you use your Fortinet devices by allowing you to easily navigate between devices and consolidating device info within different views and dashboards

  • Navigating between Security Fabric members with SSO
  • Fabric Topology View
  • Viewing device dashboards in the Security Fabric

Monitoring

  • Getting started with FortiExplorer for iOS
  • Monitoring the Security Fabric with FortiExplorer for Apple TV

Fabric Agent

FortiClient Endpoint and EMS

Telemetry and Compliance data shared between FortiGate and FortiClient EMS help enhance endpoint visibility, compliance control, vulnerability scanning, and automated response

  • Endpoint Visilibity through FortiGate's Topology View
  • Asset Identity Center
  • Quarantine FortiClient through Automation Stitches
  • FortiSOC EMS Connector and Playbook
  • Configuring Zero Trust Tagging Rules & Tags
  • FortiOS dynamic policies using EMS dynamic endpoint groups

Automation & Security Rating

Fabric Automation Stitches

  • Creating an automation stitch
  • FortiSoC Playbook Automation

3rd Party Automation

Fortinet works with various 3rd party providers to deliver ways to automate our solutions. You can find the resources in the following locations

Security Rating

  • Using Security Rating
  • Security Rating checks

Integrated Solutions

Endpoint/Identity Connectors

FortiOS synchronizes with different systems to manage Identities of endpoint

  • Synchronizing FortiClient ZTNA tags and configurations
  • FSSO Agent Connector
  • Poll Active Directory Server Connector
  • Exchange Server connector
  • Cisco pxGrid connector
  • Clearpass endpoint connector via FortiManager
  • Symantec endpoint connector
  • RSSO Agent Connector

External SDN Connectors

FortiOS provides a variety of SDN connectors to pull objects such as network addresses from 3rd party vendors

  • AWS SDN Connector
  • Azure SDN Connector
  • GCP SDN Connector
  • AliCloud SDN Connector
  • OCI SDN Connector
  • Kubernetes SDN Connectors
  • VMware ESXi and vCenter Connector
  • VMware NSX-T SDN Connector
  • OpenStack Fabric Connector
  • Cisco ACI SDN Connector
  • IBM Cloud SDN Connector
  • Nuage SDN Connector
  • Nutanix SDN Connector
  • SAP SDN Connector
  • SAP SDN Connector

Fabric Address Management

IPAM provides IP address management solutions for FortiGates and network resources in the Fabric.

  • Configuring IPAM locally on a FortiGate

Troubleshooting

Troubleshooting

  • Troubleshooting Security Fabric
  • Diagnosing automation stitches