Fortinet FortiManager 3000G
Centralized Management for Fortinet Security Networks

Overview:

Manage all your Fortinet devices in a singleconsole central management system. FortiManager provides full visibility of your network, offering streamlined provisioning and innovative automation tools.

Integrated with Fortinet’s Security Fabric, the security architecture and FortiManager’s Automation Driven Network Operations capabilities provide a foundation to secure and optimize network security, such as provisioning and monitoring SD-WAN.

Orchestrate Fortinet security devices and systems on-premise or in the cloud to streamline network provisioning, security policy updates & change management.

Automate your time-intensive processes and accelerate workflows to offload NOC-SOC, reduce administrative tasks and address talent shortages.

Optimize Visibility to the entire digital attack surface and awareness of increasing cyber threats from one centralized location, through accurate detection, automated correlation and rapid response features.

Key Features:

Single console management

• Manage all Fortinet products, including firewalls, FortiAnalyzers, switches, wireless infrastructure and Endpoints

Security automation

• Reduces complexity and costs by leveraging automated REST API, scripts, connectors, and automation stitches

Centralized policy and device management

• Centrally manage up to 100,000+ devices and policies such as firewalls, switches, and access points

Zero-touch provisioning

• Automate workflows and configurations for Fortinet firewalls, switches and wireless infrastructure

Secure SD-WAN provisioning and monitoring

• Provision and monitor Secure SD-WAN from one console across your network, branch offices or campuses

Multi-tenancy and administrative domains (ADOMs)

• Separate customer data and manage domains leveraging ADOMs to be compliant and operationally effective

Enterprise-grade high availability and integration

• Automated backups up to 4 nodes with streamlined software and security updates for all managed devices

Key Features:

Single Pane Automation and Orchestration

FortiManager provides insight into network traffic and threats through a single-pane-of-glass and offers enterprise-class features and sophisticated security management for unified, end-to-end protection to contain advanced threats. FortiManager also delivers the industry’s best scalability to manage up to 100,000 Fortinet devices. FortiManager, coupled with the FortiAnalyzer family of centralized logging and reporting appliances, provides a comprehensive and powerful centralized management solution for your organization.

Central Management of Network Infrastructure

Centrally manage FortiGate, FortiSwitch, FortiExtender & FortiAP. The VPN manager simplifies the deployment and enables centrallyprovisioned VPN community and connection monitoring. FortiAP Manager allows configuring, deploying and monitoring FortiAPs from a single console.

Configuration and Settings Management

Collectively configure the device settings - using the provisioning templates and advance CLI templates improves management of a large number of devices. Automatic device configuration backup with revision control and change audit make it easier for daily administrative tasks. Use Management extensions to add SD-WAN Orchestrator, Wireless Manager and other modules.

API for Automation and Orchestration

RESTful API allows MSSPs/large enterprises to create customized, branded web portals for policy and object administration. Automate common tasks such as provisioning FortiGates and configuring existing devices. Join Fortinet Developer Network (FNDN) to access exclusive articles, how-to content for automation and customization, community-built tools, scripts and sample code.

Management Extensions

FortiManager’s management extensions allow rapid expansion of Single Pane to manage more Security Fabric products. The built-in engine runs containerized extensions to support trusted containers, which are pulled from the FortiGuard. FortiManager is notified when new containers are made available and users can easily choose to opt in our out of each of the management extensions. It includes modules like SD-WAN Orchestrator, Wireless Manager and more.

Security Policy Management

Per Policy Lock has been added to 6.4, which allows admins to control the policy change by implicitly lock a policy rule when he/ she does the change to the policy. Group commonly used security policies in a policy block and insert as needed in different Policy Packages. Global policy feature that allows companies such as: Telecom, MSSP and SAAS providers to apply a header/footer policy at the ADOM level to all policy packages or select packages.

SD-WAN Orchestration & Analytics

Powerful SD-WAN management capabilities using intuitive workflow and simplified provisioning at scale. Enhanced SD-WAN analytics to monitor application performance and bandwidth utilization per WAN link. Leverage application centric SD-WAN business policies to fine-tune traffic steering decisions based on performance SLA targets for each WAN provider. Provide flexible deployment options for SD-WAN orchestrator, an add-on to FortiManager.

Multi-Tenancy & Role Based Administration

FortiManager equips admins with granular device and role based administration for deploying zero-trust, multi-tenancy architecture to large enterprises, with a hierarchical objects database to facilitate re-use of common configurations and serve multiple customers. ADOMs are used to manage independent security environments, each with its own security policies and configuration database, and the intuitive GUI makes it easy to view, create, clone and manage ADOMs. The zero-touch deployment uses templates to provision devices for quick mass deployment, and also supports firmware version enforcement. Define global objects such as Firewall Objects, Policies and Security Profiles to share across multiple ADOMs. Granular permissions allow assigning ADOMs, devices and policies to users based on role and responsibilities. FortiManager’s new IPS admin is a restricted user role for performing only IPS related object configuration and install.

Integration & Security Fabric

FortiManager integrates with ITSM to mitigate security events, apply configuration changes and update policies, as well as seamless integration with FortiAnalyzer for in-depth discovery, analysis, prioritization and reporting of network security events. Use fabric connectors to facilitate connections with third-party vendors like vCenter, pxGrid, Clearpass, OCI, ESXi, AWS and others, to share and exchange data. FortiManager’s workflow for audit and compliance enables review, approval and auditing policy changes, including automating processes for policy compliance, policy lifecycle management, and enforced workflow to reduce risk.

Network & Security Operations Visibility

Automated data exchanges between security (SOC) workflows and operational (NOC) workflows, creating a single, complete workflow that not only saves time, but also provides the capacity to complete additional incident response activities. FortiManager’s NOC-SOC delivers advanced data visualization to help Analysts quickly connect dots and identify threats, simplifying how organizations deliver security and remediate breaches, data exfiltration, and compromised hosts.

Monitor and Report for Deep Visibility

Access vital security and network statistics, as well as realtime monitoring and integrated reporting to provide visibility into network and user activity. For more powerful analytics, combine with a FortiAnalyzer appliance for additional data mining, statistical analysis and graphical reporting capabilities.

Specifications:

	FortiManager 200F	FortiManager 300F	FortiManager 400E	FortiManager 2000E	FortiManager 3000G	FortiManager 3700F
Capacity and Performance
Devices/VDOMs (Maximum)1	30	100	300	1,200	4,000+	10,000+
Sustained Log Rates	50	50	50	50	150	150
GB/Day	2	2	2	2	10	10
Hardware Specifications
Storage Capacity	8 TB (2 x 4 TB)	16 TB (4 x 4 TB)	24 TB (8x 3 TB)	36 TB (12x 3 TB)	64 TB (16x 4 TB)	240 TB (60x 4 TB)
Usable Storage (After RAID)	4 TB	8 TB	21 TB	30 TB	56 TB	216 TB
RAID Levels Supported	RAID 0/1	RAID 0/1/5/10	RAID 0/1/5/6/10/50/60	RAID 0/1/5/6/10/50/60	RAID 0/1/5/6/10/50/60	RAID 0/1/5/6/10/50/60
Default RAID	1	10	50	50	50	50
Hardware Form Factor	1 RU Rackmount	1 RU Rackmount	2 RU Rackmount	2 RU Rackmount	3 RU Rackmount	4 RU Rackmount
Total Interfaces	2xRJ45 GE, 2xSFP	4 x GbE RJ45, 2 x SFP	2x GE	4x GE, 2x 10 GE SFP+	2 x GbE RJ45 ports, 2x 25GbE SFP28	2x10GbE SFP+, 2x1GbE RJ-45
Console Port	RJ45	RJ45	DB-9	DB-9	DB-9	DB9
Removable Hard Drives	No
Redundant Hot Swap Power Supplies	No	No
Chassis Management
Dimensions
Height x Width x Length (inches)	1.75 x 17.0 x 15.0	1.75 x 17.44 x 22.16	3.5 x 17.2 x 25.2	3.5 x 17.2 x 25.6	5.2 x 17.2 x 25.5	7 x 17.2 x 30.2
Height x Width x Length (cm)	4.4 x 43.2 x 38	4.4 x 44.3 x 56.3	8.9 x 43.7 x 64.8	8.9 x 43.7 x 64.8	13.2 x 44.0 x 65.0	17.8 x 43.7 x 76.7
Weight	18.9 lbs (8.6 kg)	28.6 lbs (13.0 kg)	52 lbs (23.6 kg)	58 lbs (26.3 kg)	65.5 lbs (30.15 kg)	120 lbs (54.6 kg)
Environment
AC Power Supply	100-240V 60-50Hz	100–240V AC, 50-60 Hz	100–240V AC, 50-60 Hz	100–240V AC, 50–60 Hz	100–240V AC, 50–60 Hz	100–240V AC, 50–60 Hz
Power Consumption (Average / Maximum)	65W / 130W	108W / 186W	192.5W / 275W	293.8W / 354W	449W / 541W	850W / 1423.4W
Heat Dissipation	445 BTU/h	634 BTU/h	920 BTU/h	1209 BTU/h	1846.5 BTU/h	4858 BTU/h
Operating Temperature	32 - 104° F (0 - 40° C)	32 - 104° F (0 - 40° C)	41 - 95° F (5 - 35° C)	50–95°F (10–35°C)	50–95°F (10–35°C)	50–95°F (10–35°C)
Storage Temperature	-31–158ºF (-35–70ºC)	-31–158ºF (-35–70ºC)	-40 - 140° F (-40 - 60° C)	-40–158°F (-40–70°C)	-40–158°F (-40–70°C)	-40–158°F (-40–70°C)
Humidity	20 to 90% non-condensing	20 to 90% non-condensing	8 to 90% non-condensing	8 to 90% non-condensing	8 to 90% non-condensing	8 to 90% non-condensing
Operating Altitude	Up to 7,400 ft (2,250 m)	Up to 7,400 ft (2,250 m)	Up to 9,842 ft (3,000 m)	Up to 7,400 ft (2,250 m)	Up to 7,400 ft (2,250 m)	Up to 7,400 ft (2,250 m)
Compliance
Safety Certifications	FCC Part 15 Class A, C-Tick, VCCI, CE, UL/cUL, CB	FCC Part 15 Class A, C-Tick, VCCI, CE, BSMI, KC, UL/cUL, CB, GOST

¹ Each Virtual Domain (VDOM) operating on a physical or virtual device counts as one (1) licensed network device
* FGT 7000 Series is supported on all FMG models and does not require Chassis Management.

Documentation:

Download the Fortinet FortiManager Series Datasheet (PDF).