FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes how to Synchronize FortiClient Endpoints/Users Across the Security Fabric.
Scope
FortiGate v6.x.x and v7.x.x.
Solution
When FortiGates are connected in a security fabric setup, the firewalls can only show the local FortiClient users list i.e. for which the FortiGate is acting as a gateway.FortiClient user synchronization is not possible across the fabric FortiGates.
This is an expected behavior.
However, ZTNA tags can be synchronized across the fabric and they can be used in the firewall policies. If a tag is not present in the firewall, when the endpoint requests the FortiGate, it will query the EMS for further details regarding ZTNA tags.
