Introduction
FortiPolicy is the first containerized security platform that implements and automates security orchestration with full-flow inspection and segmented and microsegmented policy enforcement while auto-scaling to accommodate infrastructure changes.
This document provides the following information for FortiPolicy 7.2.5 GA Build 0039:
Product integration and support
The following table lists FortiPolicy 7.2.5 integration and support information:
Web browsers |
Latest version of Google Chrome |
FortiGate |
Running FortiOS 7.4.0 |
FortiSwitch |
One or more managed FortiSwitch units running FortiSwitchOS 7.2.0 or higher |
Virtualization environment
VMware vCenter Server |
Version 6.0 or 6.5 |
VMware vSphere |
Version 6.5 and higher |
VMware ESXi |
Version 7.x and above |
ESX resource requirements
FortiPolicy component |
vCPU requirements |
VM requirements |
---|---|---|
FortiPolicy management plane |
10 vCPUs |
1 VM |
Ports used by FortiPolicy
The following table lists the ports that FortiPolicy uses to communicate with other services. Depending on your deployment you may need to open these ports up in your firewall.
Service or program |
Protocol |
Incoming ports |
Outgoing ports |
Details |
---|---|---|---|---|
SSHD |
TCP |
22 |
|
In order to SSH to the FortiPolicy CLI, TCP:22 must be allowed. |
DNS |
TCP, UDP |
|
53 |
FortiPolicy need to access to the DNS servers provided during setup. |
NTP |
UDP |
|
123 |
By default, FortiPolicy uses public Ubuntu NTP pools. It is strongly suggested to provide your own NTP server during install. |
Web access |
TCP |
80, 443 |
|
Port 80 (HTTP) is a redirect to port 443 (HTTPS). |
Security Fabric connection |
TCP |
|
442, 8013 |
FortiPolicy needs access to the root FortiGate. |
NetFlow connection |
UDP |
4739 |
N/A |
NetFlows/IPFIX from FortiGate and supported network switches. |
sFlow connection |
UDP |
6343 |
N/A |
sFlows from FortiGate and supported network switches. |
Telemetry uploads |
TCP |
N/A |
fortipolicy.fortinet.com:443 |
|
Services available
-
Automated firewall policy
-
Application-level visibility
-
Complete user control
-
Microsegment FortiSwitch traffic
-
All FortiGate architectures
-
Block east/west traffic
What’s new in FortiPolicy 7.2.5
FortiPolicy 7.2.5 is a patch release. No new features or enhancements are covered in this release.