FortiManager
When a FortiManager device is added to the Security Fabric, it automatically synchronizes with any connected downstream devices.
To add a FortiManager to the Security Fabric, configure central management on the root FortiGate. The root FortiGate then pushes this configuration to downstream FortiGate devices. The FortiManager provides remote management of FortiGate devices over TCP port 541. The FortiManager must have internet access for it to join the Security Fabric.
Once configured, the FortiGate can receive antivirus and IPS updates, and allow remote management through FortiManager or the FortiGate Cloud service. The FortiGate management option must be enabled so that the FortiGate can accept management updates to its firmware and FortiGuard services.
To add a FortiManager to the Security Fabric using the CLI:
config system central-management
set type fortimanager
set fmg {<IP_address> | <FQDN_address>}
end
To add a FortiManager to the Security Fabric using the GUI:
- On the root FortiGate, go to Security Fabric > Settings.
- Enable Central Management.
- Set the Type to FortiManager.
- Enter the IP/Domain Name of the FortiManager.
- Click Apply.
- On the FortiManager, go to Device Manager and find the FortiGate in the Unauthorized Devices list.
- Select the FortiGate device or devices, and click Authorize in the toolbar.
- In the Authorize Device pop-up, adjust the device names as needed, then click OK.
For more information about using FortiManager, see the FortiManager Administration Guide.