Fortinet black logo

New Features

6.4.0
7.4.0
7.2.0
7.0.0
6.4.0
6.2.0

FortiMail Security Fabric integration 6.4.2

FortiMail Security Fabric integration 6.4.2

FortiMail can be authorized into the Security Fabric using either the gutter on the Fabric Connectors page, or by pre-authorizing using the FortiMail serial number or certificate.

As part of the Security Fabric, FortiMail appears in the Fabric navigation, topologies, widgets, and in the Security Posture report in FortiOS.

To join the Security Fabric from FortiMail:
  1. Go to System > Customization and click the Corporate Security Fabric tab (or the Corporate Security Fabric tab in FortiMail 6.4.2 and earlier).
  2. Click the toggle to enable the Fabric.
  3. Enter the Upstream IP Address (root FortiGate) and the Management IP of the FortiMail.
  4. Click Apply.

Authorizing using FortiOS

If the FortiMail was added to the Security Fabric but not pre-authorized, you can authorize it in FortiOS on the Fabric Connectors page.

To authorize FortiMail:
  1. Go to Security Fabric > Fabric Connectors.
  2. In the topology tree, hover over the FortiMail and click Authorize.

  3. Verify the certificate is correct, then click Accept.

Pre-authorizing using the FortiMail certificate

FortiMail can be pre-authorized using its serial number or certificate. When you pre-authorize, the FortiMail can join at any time, and you will not need to authorize it FortiOS. In this example, FortiMail is pre-authorized using a certificate.

To pre-authorize FortiMail using a third-party or default certificate:
  1. Log in to FortiMail.
  2. Download the certificate. For example, in Chrome:
    1. In the left side of the address bar, click the icon to view the site information.
    2. Click Certificate.
    3. Click the Details tab, then click Copy to File.

    4. The Certificate Export Wizard opens. Click Next to continue.
    5. For the file format, select Base-64 encoded X.509 (.CER), then click Next.

    6. Browse to the folder location and enter a file name, then click Next.
    7. Click Finish, then click OK to close the dialog box.
  3. In FortiOS, go to Security Fabric > Fabric Connectors and double-click the Security Fabric Setup card.
  4. Beside Device authorization, click Edit and configure the following:
    1. Enter the FortiMail serial number.
    2. For Authorization type, select Serial Number.
    3. For Certificate, upload the .CER file you saved previously.
    4. Click OK.

Security Fabric integration

Once authorized, you can navigate and log in to the FortiMail from the topology tree, or within the topology views in FortiOS:

The Security Posture report can detect whether unsecure protocols, such as HTTP and Telnet, are used on the FortiMail:

FortiMail widgets can be added to the dashboard.

To add a FortiMail widget:
  1. Go to Dashboard > Status and click Add Widget. The Add Dashboard Widget pane opens.
  2. Under Security Fabric, click Fabric Device.
  3. From the Device dropdown, select the FortiMail.
  4. From the Widget name dropdown, select a widget.

  5. Click Add Widget.
  6. Repeat these steps to add more widgets if needed.

    The widgets are displayed in the dashboard:

Previous
Next

More Links

Enabling Security Fabric

FortiMail Security Fabric integration 6.4.2

FortiMail can be authorized into the Security Fabric using either the gutter on the Fabric Connectors page, or by pre-authorizing using the FortiMail serial number or certificate.

As part of the Security Fabric, FortiMail appears in the Fabric navigation, topologies, widgets, and in the Security Posture report in FortiOS.

To join the Security Fabric from FortiMail:
  1. Go to System > Customization and click the Corporate Security Fabric tab (or the Corporate Security Fabric tab in FortiMail 6.4.2 and earlier).
  2. Click the toggle to enable the Fabric.
  3. Enter the Upstream IP Address (root FortiGate) and the Management IP of the FortiMail.
  4. Click Apply.

Authorizing using FortiOS

If the FortiMail was added to the Security Fabric but not pre-authorized, you can authorize it in FortiOS on the Fabric Connectors page.

To authorize FortiMail:
  1. Go to Security Fabric > Fabric Connectors.
  2. In the topology tree, hover over the FortiMail and click Authorize.

  3. Verify the certificate is correct, then click Accept.

Pre-authorizing using the FortiMail certificate

FortiMail can be pre-authorized using its serial number or certificate. When you pre-authorize, the FortiMail can join at any time, and you will not need to authorize it FortiOS. In this example, FortiMail is pre-authorized using a certificate.

To pre-authorize FortiMail using a third-party or default certificate:
  1. Log in to FortiMail.
  2. Download the certificate. For example, in Chrome:
    1. In the left side of the address bar, click the icon to view the site information.
    2. Click Certificate.
    3. Click the Details tab, then click Copy to File.

    4. The Certificate Export Wizard opens. Click Next to continue.
    5. For the file format, select Base-64 encoded X.509 (.CER), then click Next.

    6. Browse to the folder location and enter a file name, then click Next.
    7. Click Finish, then click OK to close the dialog box.
  3. In FortiOS, go to Security Fabric > Fabric Connectors and double-click the Security Fabric Setup card.
  4. Beside Device authorization, click Edit and configure the following:
    1. Enter the FortiMail serial number.
    2. For Authorization type, select Serial Number.
    3. For Certificate, upload the .CER file you saved previously.
    4. Click OK.

Security Fabric integration

Once authorized, you can navigate and log in to the FortiMail from the topology tree, or within the topology views in FortiOS:

The Security Posture report can detect whether unsecure protocols, such as HTTP and Telnet, are used on the FortiMail:

FortiMail widgets can be added to the dashboard.

To add a FortiMail widget:
  1. Go to Dashboard > Status and click Add Widget. The Add Dashboard Widget pane opens.
  2. Under Security Fabric, click Fabric Device.
  3. From the Device dropdown, select the FortiMail.
  4. From the Widget name dropdown, select a widget.

  5. Click Add Widget.
  6. Repeat these steps to add more widgets if needed.

    The widgets are displayed in the dashboard:

Previous
Next