FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
dsharma
Staff
Staff
Article Id 197888
Description
This article describes how to disable/re-enable automatic synchronization of the FortiAnalyzer and FortiManager configurations, on downstream device, when Security Fabric has been configured.
Solution
In Security Fabric topology, central management configuration is done on the root/upstream device and propagated to the downstream device(s).

Should you need to override these settings, while keeping device in Security Fabric topology, this can be done via CLI using the below commands:

CLI:

#config system csf
#set configuration-sync local
#end

*local -> Doesn't synchronize the configuration with the root FortiGate, and you must configure settings individually.

Should you need re-enable the synchronization, the command is: 

CLI:

#config system csf
#set configuration-sync default
#end

*default -> Synchronizes the configuration for FortiAnalyzer, FortiSandbox, and Central Management to the root FortiGate

Before disabling automatic synchronization:


After disabling automatic synchronization:



Contributors