Help
FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
dgrigoriciuc
Staff
Staff

Created on ‎01-13-2017 03:42 AM Edited on ‎02-22-2023 05:51 AM By Community Manager

Article Id 191873

Technical Note: FortiManager device settings and sync status conditions

Description

 

The FortiManager can indicate whether the FortiGate's configuration file has been modified and is no longer synchronized with the FortiManager device configuration.  It can also indicate other various conditions such as indicated below.
 
Solution
 
Within Device Manager, the following Device Settings Status conditions can be displayed:

- Unmodified – nothing changed on device db and nothing to install.
- Modified – configuration has changed on device db and is pending an Install or Retrieve to put it back in Unmodified status.  If Installed, a new Revision History entry will be created.

- Auto-Updated – configuration was changed directly on the FortiGate, and the changes were automatically Retrieved to the device db.

- Unknown – A model or Unregistered device is Unknown, since there is no device DB configuration stored yet.

Within Device Manager, the following Sync Status conditions can be displayed:
- Synchronized – The latest Revision History configuration entry (whether an Install or Retrieve) is aligned with the configuration on the FortiGate.

- In detail – the get sys mgmt-csum value which was collected after the final Revision History entry, matches what is on the FortiGate.

- Clicking Refresh will perform a real-time FortiGate get sys mgmt-csum validation with what is stored in the latest FortiManager Revision History entry.

- Out-of-sync – The latest Revision History configuration entry (whether an Install or Retrieve) does not match the configuration on the FortiGate.  There was either a change done directly on the FortiGate which has not been Retrieved, or a previous Install which resulted in a verify failure, with certain configuration settings that were not properly set.

- Unknown – The FortiManager is unable to determine the synchronization status, because the FortiGate is not reachable, or due to an Install Verification Failure.   If the Connectivity status is DOWN, the indicated Sync Status might be incorrect.

 

Related link:

https://help.fortinet.com/fmgr/50hlp/56/5-6-1/FortiManager_Admin_Guide/1200_Policy%20and%20Objects/0...

30015
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.