Service overview
What is Managed FortiGate Service?
Managed FortiGate Service (MFGS) is a remote cloud-based managed network operations service run by Fortinet NOC experts.
What do I get from this service?
The Managed FortiGate Service helps organizations manage their network infrastructure efficiently by providing:
- FortiGate Provisioning: Simple device provisioning according to the supported use cases. The list of supported use cases is available in the Managed FortiGate Service Use Cases document.
- Change Management: Evaluation / Implementation / Verification of change requests according to Fortinet Security Best Practices (FSBP) and ITIL methodology.
- System Hardening:
- SOCaaS Incident Remediation: Configuration assistance to respond/remediate SOCaaS escalated events.
- System Audit / Security Posture Review: Auditing of FortiGate configuration according to Fortinet Security Best Practices.
- Outbreak Alert: Configuration assistance on how to protect from an outbreak.
- PSIRT Advisories: Configuration assistance on applying a workaround or a permanent fix.
- FortiGate Firmware Upgrade: Remote FortiOS firmware upgrade activity for onboarded FortiGates from/to supported firmware versions.
What value does this service bring?
The service is run by network security experts skilled in maximizing performance and uptime of mission critical environments. By following Fortinet best practices and ITIL™ methodologies, the service aims at controlling risks to minimize the impact that configuration changes may have on the business.
What ITIL methodologies are followed?
Change management is performed according to the ITIL framework.
What is the availability of this service?
The service runs on a 24x7x365 basis.
Where is the Managed FortiGate Service team located?
The MFGS team is located in North America, EMEA, and APAC regions to ensure global coverage.
How is it compatible with existing MSP offerings?
The service is designed to complement MSP offerings to help streamline best practices and to scale operations.
How does it relate to other Fortinet service offerings?
Managed FortiGate Service is part of a broad range of offerings to help MSP scale up operations, which includes:
- Quick Start Services: PS-led service to help initialize customers on-board to the optimal best practices.
- Managed FortiGate Service: This service.
- SOC as a Service: Automated detection, investigation, and escalation of confirmed incidents to MSP SOC teams.
- Managed Endpoint: Full set of options, including managed EDR, Forensics, ZTNA and others.
All of these services are designed from ground up to interface with MSP SOC teams as the customer interface.
What are the technologies or tools that the Managed FortiGate Service is based on?
This service leverages:
- FortiSOAR to automate, orchestrate, and facilitate handling of service requests.
- FortiManager Cloud as the cloud-based management platform.
- A custom-built service portal.
How is Fortinet able to provide this service?
This service provides a unique blending of:
- People: Fortinet network security experts.
- Processes: Fortinet best practices and ITIL.
- Technology: Fortinet owned products and services.
In which regions is the Managed FortiGate Service available?
The service is available globally.
Does this service include any on-site?
No, the service is delivered remotely only.
In which languages is the service delivered?
Managed FortiGate Service is delivered in English only.
What is the structure of your team?
The team is structured with NOC Operations (front-end), NOC Engineering (back-end), and Service Delivery.
How do you understand our network needs?
During the onboarding wizard you will be able to share with us specifics of your deployment. For each onboarded FortiGate, we take a "normal operation baseline" focused on resource KPI to understand your system usage.
Does this service include network design and planning?
This service provides simple device provisioning according to the supported use cases.
Network design and planning that results in design documents are out of scope but they can be provided by other Fortinet departments.
How responsive are you?
The below table shows our service SLAs for Change Requests:
|
Type |
Description |
Target Evaluation Time |
Target Implementation Time |
|---|---|---|---|
| Emergency change | Business critical changes related to events outside the control of the customer that must be implemented as soon as possible, potentially in response to a critical system issue or a security breach. The process for assessment and authorization is expedited to ensure quick implementation. |
1 hour |
2 hours |
| Normal change | Intermediate risk change that is assessed according to the change management process in place. |
4 hours |
1 business day |
| Standard change | Low risk change that is assessed according to the change management process in place. |
1 business day |
2 business days |
How can customers raise a firewall policy change request?
All change requests are raised via the Managed FortiGate Service portal.
Will this service cover configuration assistance on third party software/applications?
No, this service covers change requests for FortiGate devices only. Third party configurations (e.g. LDAP servers) are out of scope.
Can we apply changes to the FortiGate ourselves as well?
As this is a managed service, all changes should be done centrally by the Managed FortiGate Service team but you are allowed to make changes locally by connecting to each FortiGate for emergencies or to implement use cases not yet covered by the service.
Do I have read/write access to the FortiManager Cloud instance used by the MFGS team to manage my FortiGates?
No, customers have read only access to the FortiManager Cloud instance used by the MFGS team.
Are firmware upgrades covered by this service?
Yes, remote firmware upgrades from/to supported firmware versions are covered by this service.
What complexity of change requests/device provisioning is covered by the service?
This service covers change requests/device provisioning as detailed in the published use cases. See Managed FortiGate Service Use Cases.
Does this service cover OT environments?
The service has been designed to fit multiple solutions/verticals that are looking for change management, device provisioning and system hardening according to the supported use cases.
What options do we provide if customers are looking for features not yet supported in the current offering?
Customers keep their FortiGate local admin account (super_admin profile with Read/Write access) for emergencies or to implement locally use cases not yet covered by the service.
If I'm already subscribed to the service as customer, how can I add additional FortiGates?
Customers already onboarded to the service can add new FortiGates by submitting a Device Onboarding service request from the MFGS portal.
If I already have a FortiManager on-premise or a FortiManager cloud instance can I migrate it to MFGS?
Migrations from existing FortiManager instances, either on-premises or FortiManager Cloud, to MFGS are not supported. During onboarding your existing FortiManager Cloud instance will be deleted and a new MFGS instance will be provisioned under your FortiCare account.
Does Managed FortiGate Service work with SOCaaS
Yes, for use cases that can be covered by both SOCaaS and MFGS, the integration operates as below:
SOCaaS:
- Detect: Identify potential threats.
- Investigate: Analyzer the threat to make sure it's a true positive versus a false negative.
- Escalate: Inform the customer about the threat, and escalate to the MFGS team as well.
MFGS:
- Contain: Bring the incident under control as soon as possible (e.g. quarantine).
- Remediate: Apply measure in place to prevent it from happening in the future.
Currently 60% of SOCaaS use cases can be contained or remediated by the Managed FortiGate Service.