Fortinet black logo

SSL VPN to ZTNA Migration Guide

Home FortiGate / FortiOS 7.2.2 SSL VPN to ZTNA Migration Guide
7.2.2
7.2.5
7.2.2

FortiGate

FortiGate

FortiGate is a required component for ZTNA.

ZTNA Licensing is included with FortiOS. The minimum recommended license bundle is Unified Threat Protection, and the recommended license bundle is Enterprise Protection. See the data sheets found in Next-Generation Firewall.

FortiGate maintains a continuous connection to FortiClient EMS to synchronize endpoint device information, including:

  • FortiClient UID
  • FortiClient certificate serial number
  • FortiClient EMS serial number
  • Device credential (user/domain)
  • Network (IP and MAC address and route to the FortiGate)

When a device's information changes, such as when a client moves from On-net to Off-net, or their security posture changes, FortiClient EMS is updated with the new device information, and then updates the FortiGate. FortiGate's wad daemon can use this information when processing ZTNA traffic.

Previous
Next

FortiGate

FortiGate is a required component for ZTNA.

ZTNA Licensing is included with FortiOS. The minimum recommended license bundle is Unified Threat Protection, and the recommended license bundle is Enterprise Protection. See the data sheets found in Next-Generation Firewall.

FortiGate maintains a continuous connection to FortiClient EMS to synchronize endpoint device information, including:

  • FortiClient UID
  • FortiClient certificate serial number
  • FortiClient EMS serial number
  • Device credential (user/domain)
  • Network (IP and MAC address and route to the FortiGate)

When a device's information changes, such as when a client moves from On-net to Off-net, or their security posture changes, FortiClient EMS is updated with the new device information, and then updates the FortiGate. FortiGate's wad daemon can use this information when processing ZTNA traffic.

Previous
Next