Fortinet FortiManager 3000G
Centralized Management for Fortinet Security Networks

Key Features:

Single Pane Automation and Orchestration

FortiManager provides insight into network traffic and threats through a single-pane-of-glass and offers enterprise-class features and sophisticated security management for unified, end-to-end protection to contain advanced threats. FortiManager also delivers the industry’s best scalability to manage up to 100,000 Fortinet devices. FortiManager, coupled with the FortiAnalyzer family of centralized logging and reporting appliances, provides a comprehensive and powerful centralized management solution for your organization.

Central Management of Network Infrastructure

Centrally manage FortiGate, FortiSwitch, FortiExtender & FortiAP. The VPN manager simplifies the deployment and enables centrallyprovisioned VPN community and connection monitoring. FortiAP Manager allows configuring, deploying and monitoring FortiAPs from a single console.

Configuration and Settings Management

Collectively configure the device settings - using the provisioning templates and advance CLI templates improves management of a large number of devices. Automatic device configuration backup with revision control and change audit make it easier for daily administrative tasks. Use Management extensions to add SD-WAN Orchestrator, Wireless Manager and other modules.

API for Automation and Orchestration

RESTful API allows MSSPs/large enterprises to create customized, branded web portals for policy and object administration. Automate common tasks such as provisioning FortiGates and configuring existing devices. Join Fortinet Developer Network (FNDN) to access exclusive articles, how-to content for automation and customization, community-built tools, scripts and sample code.

Management Extensions

FortiManager’s management extensions allow rapid expansion of Single Pane to manage more Security Fabric products. The built-in engine runs containerized extensions to support trusted containers, which are pulled from the FortiGuard. FortiManager is notified when new containers are made available and users can easily choose to opt in our out of each of the management extensions. It includes modules like SD-WAN Orchestrator, Wireless Manager and more.

Security Policy Management

Per Policy Lock has been added to 6.4, which allows admins to control the policy change by implicitly lock a policy rule when he/ she does the change to the policy. Group commonly used security policies in a policy block and insert as needed in different Policy Packages. Global policy feature that allows companies such as: Telecom, MSSP and SAAS providers to apply a header/footer policy at the ADOM level to all policy packages or select packages.

SD-WAN Orchestration & Analytics

Powerful SD-WAN management capabilities using intuitive workflow and simplified provisioning at scale. Enhanced SD-WAN analytics to monitor application performance and bandwidth utilization per WAN link. Leverage application centric SD-WAN business policies to fine-tune traffic steering decisions based on performance SLA targets for each WAN provider. Provide flexible deployment options for SD-WAN orchestrator, an add-on to FortiManager.

Multi-Tenancy & Role Based Administration

FortiManager equips admins with granular device and role based administration for deploying zero-trust, multi-tenancy architecture to large enterprises, with a hierarchical objects database to facilitate re-use of common configurations and serve multiple customers. ADOMs are used to manage independent security environments, each with its own security policies and configuration database, and the intuitive GUI makes it easy to view, create, clone and manage ADOMs. The zero-touch deployment uses templates to provision devices for quick mass deployment, and also supports firmware version enforcement. Define global objects such as Firewall Objects, Policies and Security Profiles to share across multiple ADOMs. Granular permissions allow assigning ADOMs, devices and policies to users based on role and responsibilities. FortiManager’s new IPS admin is a restricted user role for performing only IPS related object configuration and install.

Integration & Security Fabric

FortiManager integrates with ITSM to mitigate security events, apply configuration changes and update policies, as well as seamless integration with FortiAnalyzer for in-depth discovery, analysis, prioritization and reporting of network security events. Use fabric connectors to facilitate connections with third-party vendors like vCenter, pxGrid, Clearpass, OCI, ESXi, AWS and others, to share and exchange data. FortiManager’s workflow for audit and compliance enables review, approval and auditing policy changes, including automating processes for policy compliance, policy lifecycle management, and enforced workflow to reduce risk.

Network & Security Operations Visibility

Automated data exchanges between security (SOC) workflows and operational (NOC) workflows, creating a single, complete workflow that not only saves time, but also provides the capacity to complete additional incident response activities. FortiManager’s NOC-SOC delivers advanced data visualization to help Analysts quickly connect dots and identify threats, simplifying how organizations deliver security and remediate breaches, data exfiltration, and compromised hosts.

Monitor and Report for Deep Visibility

Access vital security and network statistics, as well as realtime monitoring and integrated reporting to provide visibility into network and user activity. For more powerful analytics, combine with a FortiAnalyzer appliance for additional data mining, statistical analysis and graphical reporting capabilities.

Specifications:

¹ Each Virtual Domain (VDOM) operating on a physical or virtual device counts as one (1) licensed network device
* FGT 7000 Series is supported on all FMG models and does not require Chassis Management.

Documentation:

Download the Fortinet FortiManager Series Datasheet (PDF).