
Fortinet Security Fabric

The Fortinet Security Fabric is an integrated architecture that enables multiple security devices to share telemetry and coordinate a unified response to threats. This lab demonstrates the integration of FortiGates with FortiManager and FortiAnalyzer, consolidating individual appliances into a unified, centrally managed security ecosystem.



Security Fabric

Here we have Fortigate-14, which will act as our Fabric Root and already has a connection to FortiAnalyzer.



Here we enable Security Fabric as Root.



After that we can move on to our members, in this case Fortigate-15. Here we also enable Security Fabric, this time as a member.



Do the same for Fortigate-16, and now both members show up on the Fabric Root pending authorization.



Authorize both members.



And now we have both members as part of the Security Fabric.

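To confirm that only the intended members ended up authorized, the root's `config system csf` block from a config backup can be compared with an inventory. This is an added example, not part of the original post: the CLI key names follow FortiOS 7.x syntax as an assumption, and the serials, `ROOT_CSF`, `EXPECTED`, `trusted_list` and `audit` are constructed for illustration.

```python
import re

# Constructed sample: csf block as it might appear in a backup of the
# Fabric Root (Fortigate-14). All serials are placeholders.
ROOT_CSF = '''\
config system csf
    set status enable
    config trusted-list
        edit "SERIAL-FGT15-PLACEHOLDER"
            set serial "SERIAL-FGT15-PLACEHOLDER"
            set action accept
        next
        edit "SERIAL-FGT16-PLACEHOLDER"
            set serial "SERIAL-FGT16-PLACEHOLDER"
            set action accept
        next
        edit "SERIAL-UNKNOWN-PLACEHOLDER"
            set serial "SERIAL-UNKNOWN-PLACEHOLDER"
            set action accept
        next
    end
end
'''

# Hypothetical inventory: serials of the members we meant to authorize.
EXPECTED = {"SERIAL-FGT15-PLACEHOLDER", "SERIAL-FGT16-PLACEHOLDER"}

def trusted_list(csf_text):
    """Return {serial: action} for each trusted-list entry in a csf block."""
    entries, in_list, current = {}, False, None
    for raw in csf_text.splitlines():
        line = raw.strip()
        if line == "config trusted-list":
            in_list = True
        elif in_list and line == "end":
            in_list = False
        elif in_list and (m := re.fullmatch(r'edit "?([^"]+)"?', line)):
            # Assumption: an entry with no explicit action is accepted.
            current = {"serial": m.group(1), "action": "accept"}
        elif in_list and current and (m := re.fullmatch(r'set (serial|action) "?([^"]+)"?', line)):
            current[m.group(1)] = m.group(2)
        elif in_list and line == "next" and current:
            entries[current["serial"]] = current["action"]
            current = None
    return entries

def audit(csf_text, expected):
    """Compare accepted downstream serials with the expected inventory."""
    accepted = {s for s, a in trusted_list(csf_text).items() if a == "accept"}
    return {"unexpected": sorted(accepted - expected), "missing": sorted(expected - accepted)}
```

Calling `audit(ROOT_CSF, EXPECTED)` on the constructed sample reports the third serial as unexpected, which is the case worth investigating before trusting the fabric's synced settings.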


Because Fortigate-14 already has FortiAnalyzer configured, this configuration is synced to the downstream members, automatically adding them to the same FAZ. All members now show up on FAZ as Unauthorized Devices, which we just need to authorize.



Here’s how the FAZ config looks on the downstream member. We can’t modify the config because it’s synced from the Fabric Root.



Object Synchronization

One of the cool things about Security Fabric is that we can create a firewall object on the Fabric Root and it will be automatically propagated to all downstream members.


Object on Fortigate-14


Object on Fortigate-15


FortiManager

Next, let’s add Fortigate-14 to FMG.



Once the Fabric Root is registered, all members will also show up on FMG as Unauthorized.



Let’s authorize the devices.



On the member, we can see the FMG configuration is synced from the Fabric Root.



This post is licensed under CC BY 4.0 by the author.