Fortinet black logo

Administration Guide

Home FortiPAM 1.0.0 Administration Guide
1.0.0
1.3.0
1.2.0
1.1.2
1.1.1
1.1.0
1.0.3
1.0.2
1.0.1
1.0.0

Fabric Connectors

Fabric Connectors

Fabric connectors provide integration with Fortinet products to automate the process of managing dynamic security updates without manual intervention.

In HA and DR setup, the EMS configuration, such as server name and IP, can be synced to secondary and DR nodes. However, secondary and DR nodes need to be authorized by EMS individually. It is recommended that after configuring HA, admin test failover, log in to the new primary, and follow the same procedure to authorize secondary and DR nodes on the EMS server.

To create a FortiClient EMS fabric connector:
  1. Go to Security Fabric > Fabric Connectors.
  2. In the Core Network Security pane, select FortiClient EMS and then select Edit.

    The New Fabric Connector pane opens.

  3. Enter the following information:

    Type

    Select from the following two options:

    • FortiClient EMS

    • FortiClient EMS Cloud

      The FortiClient EMS Cloud option requires FortiClient EMS Cloud entitlement.

    Name

    The name of the FortiClient EMS connector.

    IP/Domain name

    The IP address or the domain name of the FortiClient EMS.

    HTTPS port

    The HTTPS port number for the FortiClient EMS (default = 443, 1 - 65535).

    EMS Threat Feed

    Enable to allow FortiPAM to pull FortiClient malware hash from FortiClient EMS.

    Note: The option is enabled by default.

    Synchronize firewall addresses

    Enable to automatically create and synchronize firewall addresses for all EMS tags.

    Note: The option is enabled by default.

  4. Click OK.

    FortiPAM attempts to verify the EMS server certificate.

    To delete a fabric connector, select Delete to delete the selected fabric connector.

  5. Relogin to the EMS server.

    Fabric Device Authorization Requests prompt appears.

  6. In Fabric Device Authorization Requests, click Authorize to authorize FortiPAM connection.
  7. In the Edit Fabric Connector pane on FortiPAM (for the newly configured connector), click Authorize in FortiClient EMS Status.

    Verify EMS Server Certificate window appears.

  8. In the Verify EMS Server Certificate window, select Accept to accept the certificate from the EMS-side.

    FortiPAM is now successfully connected to the EMS server.

Previous
Next

Fabric Connectors

Fabric connectors provide integration with Fortinet products to automate the process of managing dynamic security updates without manual intervention.

In HA and DR setup, the EMS configuration, such as server name and IP, can be synced to secondary and DR nodes. However, secondary and DR nodes need to be authorized by EMS individually. It is recommended that after configuring HA, admin test failover, log in to the new primary, and follow the same procedure to authorize secondary and DR nodes on the EMS server.

To create a FortiClient EMS fabric connector:
  1. Go to Security Fabric > Fabric Connectors.
  2. In the Core Network Security pane, select FortiClient EMS and then select Edit.

    The New Fabric Connector pane opens.

  3. Enter the following information:

    Type

    Select from the following two options:

    • FortiClient EMS

    • FortiClient EMS Cloud

      The FortiClient EMS Cloud option requires FortiClient EMS Cloud entitlement.

    Name

    The name of the FortiClient EMS connector.

    IP/Domain name

    The IP address or the domain name of the FortiClient EMS.

    HTTPS port

    The HTTPS port number for the FortiClient EMS (default = 443, 1 - 65535).

    EMS Threat Feed

    Enable to allow FortiPAM to pull FortiClient malware hash from FortiClient EMS.

    Note: The option is enabled by default.

    Synchronize firewall addresses

    Enable to automatically create and synchronize firewall addresses for all EMS tags.

    Note: The option is enabled by default.

  4. Click OK.

    FortiPAM attempts to verify the EMS server certificate.

    To delete a fabric connector, select Delete to delete the selected fabric connector.

  5. Relogin to the EMS server.

    Fabric Device Authorization Requests prompt appears.

  6. In Fabric Device Authorization Requests, click Authorize to authorize FortiPAM connection.
  7. In the Edit Fabric Connector pane on FortiPAM (for the newly configured connector), click Authorize in FortiClient EMS Status.

    Verify EMS Server Certificate window appears.

  8. In the Verify EMS Server Certificate window, select Accept to accept the certificate from the EMS-side.

    FortiPAM is now successfully connected to the EMS server.

Previous
Next