- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
- Fortinet Community
- Knowledge Base
- FortiGate
- Technical Tip: Configure Fortigate Cloud in Securi...
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Description
FortiGate Cloud is a hosted security management and log retention service for FortiGate.
It provides centralized reporting, traffic analysis, configuration management, and log retention without the need for additional hardware or software.
This article describes how to configure Fortigate Cloud in Security Fabric.
Solution
System requirements.
To set up the Security Fabric, units include have to meet the Product Integration and Support requirements in the FortiOS release notes.
Some features of the Security Fabric are only available in certain firmware versions and models.
Not all FortiGate models can run the FortiGuard Security rating service if there are the root FortiGate in a Security Fabric.
For more information, see the Special Notices in the FortiOS release notes.
Prerequisites.
- If units are not already installed in the network, complete basic installation and configuration tasks by following the instructions in the unit documentation.
- FortiGate has to either have VDOMs disabled or be running in split-task VDOM mode in order to be added to the Security Fabric. See Virtual Domains.
- FortiGate has to be operating in NAT mode.
FortiGate Cloud offers a wide range of features:
- Simplified central management.
FortiGate Cloud provides a central GUI to manage individual or aggregated FortiGate and FortiWiFi .
Adding a unit to the FortiGate Cloud management subscription is straightforward.
FortiGate Cloud has detailed traffic and application visibility across the whole network.
- Hosted log retention with large default storage allocated.
Log retention is an integral part of any security and compliance program, but administering a separate storage system is onerous.
FortiGate Cloud takes care of this automatically and stores the valuable log information in the Cloud.
Each unit is allowed up to 200GB of log retention storage.
Different types of logs can be stored, including Traffic, System Events, Web, Applications, and Security Events.
- Monitoring and alerting in real time.
Network availability is critical to a good end-user experience.
FortiGate Cloud enables to monitor the FortiGate network in real time with different alerting mechanisms to pinpoint potential issues.
Alerting mechanisms can be delivered via email.
- Customized or pre-configured reporting and analysis tools
Reporting and analysis are your eyes and ears into your network’s health and security. Pre-configured reports are available, as well as custom reports that can be tailored to your specific reporting and compliance requirements. The reports can be emailed as PDFs, and can cover different time periods.
- Maintain important configuration information uniformly
The correct configuration of the units within your network is essential for maintaining optimum performance and security posture. In addition, maintaining the correct firmware (operating system) level allows you to take advantage of the latest features.
- Service security
All communication (including log information) between the units and the cloud is encrypted. Redundant data centers are always used to give the service high availability. Operational security measures have been put in place to make sure your data is secure — only you can view or retrieve it.
Registration and activation.
Before to activate a FortiGate Cloud account, it has to first register the unit.
FortiGate Cloud accounts can be registered manually through the FortiGate Cloud website, https://www.forticloud.com, or it is easy to register and activate the account directly from the FortiGate.
To activate your FortiGate Cloud account:
1) On the unit, go to Dashboard -> Status.
2) In the FortiGate Cloud widget, select the Not Activated -> Activate button in the Status field.
3) A pane will open asking to register the FortiGate Cloud account. Select Create Account, enter the information, view and accept the terms and conditions, and then select 'OK'.
4) A second dialogue window open , asking to enter the information to confirm theaccount. This sends a confirmation email to the registered email. The dashboard widget then updates to show that confirmation is required.
5) Open the email, and follow the confirmation link it contains.
A FortiGate Cloud page will open, stating that the account has been confirmed.
The Activation Pending message on the dashboard will change to state the type of the account , and will provide a link to the FortiGate Cloud portal.
Enabling logging to FortiGate Cloud.
To enable logging to FortiGate Cloud:
1) Go to Security Fabric -> Fabric Connectors -> Cloud Logging or Log & Report -> Log Settings.
2) Enable 'Cloud Logging'.
3) Select an upload option: Realtime, Every Minute, or Every 5 Minutes (default).
4) Select 'Apply'.
Logging into the FortiGate Cloud portal.
Once logging has been configured and it has registered the account, log into the FortiGate Cloud portal and begin viewing your logging results.
There are two methods to reach the FortiGate Cloud portal:
- With direct network access to the FortiGate:
1) Go to Dashboard -> Status.
2) In the FortiGate Cloud widget, in the Status field, select 'Activated', Launch Portal, or, in the Licenses widget, select FortiCare Support -> Launch Portal.
- If the access to the FortiGate’s interface is not granted, visit the FortiGate Cloud website (https://www.forticloud.com) and log in remotely, using the email and password.
It will ask to confirm the FortiGate Cloud account connected and then will be granted access.
Cloud sandboxing.
FortiGate Cloud can be used for automated sample tracking, or sandboxing, for files from a FortiGate.
This allows suspicious files to be sent to be inspected without risking network security.
If the file exhibits risky behavior, or is found to contain a virus, a new virus signature is created and added to the FortiGuard antivirus signature database.
To configure cloud sandboxing:
1) Go to Security Fabric -> Fabric Connectors and select the 'FortiSandbox card'.
2) For status, select 'Enable'.
3) Set the Type to FortiSandbox Cloud. By default, the FortiSandbox Cloud option is not visible. See Feature visibility for instructions on making it visible.
4) Select the FortiSandbox cloud region.
5) Select 'OK'.
Sandboxing results are shown on the Sandbox tab in the FortiGate Cloud portal.
For more information about FortiGate Cloud, see the FortiGate Cloud documentation.
Related document.
https://docs.fortinet.com/product/fortigate-cloud/20.3
FortiGate Cloud is a hosted security management and log retention service for FortiGate.
It provides centralized reporting, traffic analysis, configuration management, and log retention without the need for additional hardware or software.
This article describes how to configure Fortigate Cloud in Security Fabric.
Solution
System requirements.
To set up the Security Fabric, units include have to meet the Product Integration and Support requirements in the FortiOS release notes.
Some features of the Security Fabric are only available in certain firmware versions and models.
Not all FortiGate models can run the FortiGuard Security rating service if there are the root FortiGate in a Security Fabric.
For more information, see the Special Notices in the FortiOS release notes.
Prerequisites.
- If units are not already installed in the network, complete basic installation and configuration tasks by following the instructions in the unit documentation.
- FortiGate has to either have VDOMs disabled or be running in split-task VDOM mode in order to be added to the Security Fabric. See Virtual Domains.
- FortiGate has to be operating in NAT mode.
FortiGate Cloud offers a wide range of features:
- Simplified central management.
FortiGate Cloud provides a central GUI to manage individual or aggregated FortiGate and FortiWiFi .
Adding a unit to the FortiGate Cloud management subscription is straightforward.
FortiGate Cloud has detailed traffic and application visibility across the whole network.
- Hosted log retention with large default storage allocated.
Log retention is an integral part of any security and compliance program, but administering a separate storage system is onerous.
FortiGate Cloud takes care of this automatically and stores the valuable log information in the Cloud.
Each unit is allowed up to 200GB of log retention storage.
Different types of logs can be stored, including Traffic, System Events, Web, Applications, and Security Events.
- Monitoring and alerting in real time.
Network availability is critical to a good end-user experience.
FortiGate Cloud enables to monitor the FortiGate network in real time with different alerting mechanisms to pinpoint potential issues.
Alerting mechanisms can be delivered via email.
- Customized or pre-configured reporting and analysis tools
Reporting and analysis are your eyes and ears into your network’s health and security. Pre-configured reports are available, as well as custom reports that can be tailored to your specific reporting and compliance requirements. The reports can be emailed as PDFs, and can cover different time periods.
- Maintain important configuration information uniformly
The correct configuration of the units within your network is essential for maintaining optimum performance and security posture. In addition, maintaining the correct firmware (operating system) level allows you to take advantage of the latest features.
- Service security
All communication (including log information) between the units and the cloud is encrypted. Redundant data centers are always used to give the service high availability. Operational security measures have been put in place to make sure your data is secure — only you can view or retrieve it.
Registration and activation.
Before to activate a FortiGate Cloud account, it has to first register the unit.
FortiGate Cloud accounts can be registered manually through the FortiGate Cloud website, https://www.forticloud.com, or it is easy to register and activate the account directly from the FortiGate.
To activate your FortiGate Cloud account:
1) On the unit, go to Dashboard -> Status.
2) In the FortiGate Cloud widget, select the Not Activated -> Activate button in the Status field.
3) A pane will open asking to register the FortiGate Cloud account. Select Create Account, enter the information, view and accept the terms and conditions, and then select 'OK'.
4) A second dialogue window open , asking to enter the information to confirm theaccount. This sends a confirmation email to the registered email. The dashboard widget then updates to show that confirmation is required.
5) Open the email, and follow the confirmation link it contains.
A FortiGate Cloud page will open, stating that the account has been confirmed.
The Activation Pending message on the dashboard will change to state the type of the account , and will provide a link to the FortiGate Cloud portal.
Enabling logging to FortiGate Cloud.
To enable logging to FortiGate Cloud:
1) Go to Security Fabric -> Fabric Connectors -> Cloud Logging or Log & Report -> Log Settings.
2) Enable 'Cloud Logging'.
3) Select an upload option: Realtime, Every Minute, or Every 5 Minutes (default).
4) Select 'Apply'.
Logging into the FortiGate Cloud portal.
Once logging has been configured and it has registered the account, log into the FortiGate Cloud portal and begin viewing your logging results.
There are two methods to reach the FortiGate Cloud portal:
- With direct network access to the FortiGate:
1) Go to Dashboard -> Status.
2) In the FortiGate Cloud widget, in the Status field, select 'Activated', Launch Portal, or, in the Licenses widget, select FortiCare Support -> Launch Portal.
- If the access to the FortiGate’s interface is not granted, visit the FortiGate Cloud website (https://www.forticloud.com) and log in remotely, using the email and password.
It will ask to confirm the FortiGate Cloud account connected and then will be granted access.
Cloud sandboxing.
FortiGate Cloud can be used for automated sample tracking, or sandboxing, for files from a FortiGate.
This allows suspicious files to be sent to be inspected without risking network security.
If the file exhibits risky behavior, or is found to contain a virus, a new virus signature is created and added to the FortiGuard antivirus signature database.
To configure cloud sandboxing:
1) Go to Security Fabric -> Fabric Connectors and select the 'FortiSandbox card'.
2) For status, select 'Enable'.
3) Set the Type to FortiSandbox Cloud. By default, the FortiSandbox Cloud option is not visible. See Feature visibility for instructions on making it visible.
4) Select the FortiSandbox cloud region.
5) Select 'OK'.
Sandboxing results are shown on the Sandbox tab in the FortiGate Cloud portal.
For more information about FortiGate Cloud, see the FortiGate Cloud documentation.
Related document.
https://docs.fortinet.com/product/fortigate-cloud/20.3
Related Articles
Technical Tip: How to enable management of a FortiGate from FortiCloud
Labels:
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.