Fortinet black logo

Devices Managed by FortiOS

Home FortiSwitch 7.0.8 Devices Managed by FortiOS

Optimizing the FortiSwitch network

7.0.8
7.0.8
7.0.4
7.0.2
7.0.1
7.0.0
6.4.5
6.4.3
6.4.2
6.4.0
6.2.3
6.2.2
6.2.1
6.2.0
6.0.4
6.0.3
6.0.1
6.0.0
6.0.0
3.6.3
3.6.0
3.5.4
Copy Link
Copy Doc ID 6c414491-4376-11ed-9d74-fa163e15d75b:173272
Download PDF

Optimizing the FortiSwitch network

Starting in FortiOS 6.4.2 with FortiSwitchOS 6.4.2, you can check your FortiSwitch network and get recommendations on how to optimize it. If you agree with the configuration recommendations, you can accept them, and they are automatically applied.

Starting in FortiOS 7.0.8, a new test checks the FortiSwitchOS version on the managed switches. If the FortiSwitchOS version is 7.0.0 or higher, FortiOS recommends using the strict tunnel mode, which enforces the use of strong encryption. If the managed switches are running an older firmware version, FortiOS recommends upgrading to FortiSwitchOS 7.0.0 or higher.

To set the tunnel mode to strict in FortiOS:

config switch-controller system

set tunnel-mode strict

end

NOTE: The Security Rating feature is available only when VDOMs are disabled.

To optimize your FortiSwitch network:
  1. Go to Security Fabric > Security Rating.
  2. Select Run Now (under Report Details in the right pane) to generate the Security Rating report.

  3. Select the Optimization section.

  4. Under Failed, select + next to each item to see more details in the right pane.

  5. If you agree with a suggestion in the Recommendations section, select Apply for the change to be made.

Previous
Next

Optimizing the FortiSwitch network

Starting in FortiOS 6.4.2 with FortiSwitchOS 6.4.2, you can check your FortiSwitch network and get recommendations on how to optimize it. If you agree with the configuration recommendations, you can accept them, and they are automatically applied.

Starting in FortiOS 7.0.8, a new test checks the FortiSwitchOS version on the managed switches. If the FortiSwitchOS version is 7.0.0 or higher, FortiOS recommends using the strict tunnel mode, which enforces the use of strong encryption. If the managed switches are running an older firmware version, FortiOS recommends upgrading to FortiSwitchOS 7.0.0 or higher.

To set the tunnel mode to strict in FortiOS:

config switch-controller system

set tunnel-mode strict

end

NOTE: The Security Rating feature is available only when VDOMs are disabled.

To optimize your FortiSwitch network:
  1. Go to Security Fabric > Security Rating.
  2. Select Run Now (under Report Details in the right pane) to generate the Security Rating report.

  3. Select the Optimization section.

  4. Under Failed, select + next to each item to see more details in the right pane.

  5. If you agree with a suggestion in the Recommendations section, select Apply for the change to be made.

Previous
Next