Fortinet black logo

Administration Guide

Backing up the system

Backing up the system

Fortinet recommends that you back up your FortiManager configuration to your management computer on a regular basis to ensure that, should the system fail, you can quickly get the system back to its original state with minimal affect to the network. You should also back up your configuration after making any changes to the FortiManager configuration or settings that affect connected devices.

If any management extensions, such as SD-WAN Orchestrator, are enabled, the backup file includes the configuration for each enabled management extension.

You can perform backups manually or at scheduled intervals. You can use ADOM Revisions in Policy & Objects to maintain a revision of your FortiManager configurations in an ADOM. See ADOM revisions.

Fortinet recommends backing up all configuration settings from your FortiManager unit before upgrading the FortiManager firmware. See Updating the system firmware.

An MD5 checksum is automatically generated in the event log when backing up the configuration. You can verify a backup by comparing the checksum in the log entry with that of the backup file.

To back up the FortiManager configuration:
  1. Go to System Settings > Dashboard.
  2. In the System Information widget, click the backup button next to System Configuration. The Backup System dialog box opens
  3. If you want to encrypt the backup file, select the Encryption box, then type and confirm the password you want to use. The password can be a maximum of 63 characters.
  4. Select OK and save the backup file on your management computer.
Configuring automatic backups

You can configure FortiManager to automatically backup your configuration on a set schedule. This feature can only be configured through the CLI.

To schedule automatic backup of the FortiManager configuration:
  1. In the FortiManager CLI, enter the following command:

    config system backup all-settings

  2. Configure the backup settings:

    set status {enable | disable}

    set server {<ipv4_address>|<fqdn_str>}

    set user <username>

    set directory <string>

    set week_days {monday tuesday wednesday thursday friday saturday sunday}

    set time <hh:mm:ss>

    set protocol {ftp | scp | sftp}

    set passwd <passwd>

    set crptpasswd <passwd>

    end

For example, the following configuration uses the FTP protocol to backup the configuration to server 172.20.120.11 in the /usr/local/backup directory every Monday at 1:00pm.

config system backup all-settings

set status enable

set server 172.20.120.11

set user admin

set directory /usr/local/backup

set week_days monday

set time 13:00:00

set protocol ftp

end

For more information, see the FortiManager CLI Reference Guide on the Fortinet Documents Library.

To find the MD5 checksum generated with the backup:
  1. In the GUI, go to System Settings > Event Log.
  2. In the Changes column for the event log, note the MD5 checksum.

Backing up the system

Fortinet recommends that you back up your FortiManager configuration to your management computer on a regular basis to ensure that, should the system fail, you can quickly get the system back to its original state with minimal affect to the network. You should also back up your configuration after making any changes to the FortiManager configuration or settings that affect connected devices.

If any management extensions, such as SD-WAN Orchestrator, are enabled, the backup file includes the configuration for each enabled management extension.

You can perform backups manually or at scheduled intervals. You can use ADOM Revisions in Policy & Objects to maintain a revision of your FortiManager configurations in an ADOM. See ADOM revisions.

Fortinet recommends backing up all configuration settings from your FortiManager unit before upgrading the FortiManager firmware. See Updating the system firmware.

An MD5 checksum is automatically generated in the event log when backing up the configuration. You can verify a backup by comparing the checksum in the log entry with that of the backup file.

To back up the FortiManager configuration:
  1. Go to System Settings > Dashboard.
  2. In the System Information widget, click the backup button next to System Configuration. The Backup System dialog box opens
  3. If you want to encrypt the backup file, select the Encryption box, then type and confirm the password you want to use. The password can be a maximum of 63 characters.
  4. Select OK and save the backup file on your management computer.
Configuring automatic backups

You can configure FortiManager to automatically backup your configuration on a set schedule. This feature can only be configured through the CLI.

To schedule automatic backup of the FortiManager configuration:
  1. In the FortiManager CLI, enter the following command:

    config system backup all-settings

  2. Configure the backup settings:

    set status {enable | disable}

    set server {<ipv4_address>|<fqdn_str>}

    set user <username>

    set directory <string>

    set week_days {monday tuesday wednesday thursday friday saturday sunday}

    set time <hh:mm:ss>

    set protocol {ftp | scp | sftp}

    set passwd <passwd>

    set crptpasswd <passwd>

    end

For example, the following configuration uses the FTP protocol to backup the configuration to server 172.20.120.11 in the /usr/local/backup directory every Monday at 1:00pm.

config system backup all-settings

set status enable

set server 172.20.120.11

set user admin

set directory /usr/local/backup

set week_days monday

set time 13:00:00

set protocol ftp

end

For more information, see the FortiManager CLI Reference Guide on the Fortinet Documents Library.

To find the MD5 checksum generated with the backup:
  1. In the GUI, go to System Settings > Event Log.
  2. In the Changes column for the event log, note the MD5 checksum.