In VMware Aria Operations for Networks, you can add Fortinet FortiManager as a data source.

Prerequisites

You must verify the following information:
  • The data source and its version are supported in VMware Aria Operations for Networks. For more information, see Supported Products and Versions.
  • The data source follows VMware Ports and Protocols supported in VMware Aria Operations for Networks. For more information, see VMware Ports and Protocols.
  • You have at least the Restricted User role with access to all ADOMs and policy packages.
  • You have rpc-permit read-write access enabled from the Command Line Interface (CLI).

    To configure the rpc permission, use the following command in the FortiManager CLI:

    config system admin user
    edit "<administrator name>"
    set rpc-permit [none | read | read-write ]
    end

Procedure

  1. From the left navigation pane, go to Settings > Accounts and Data Sources.
  2. Click Add Source.
  3. Under Firewalls, select Fortinet FortiManager.
  4. On the Add a New Fortinet FortiManager Account or Source page, enter the required information:
    Option            Action
    Collector VM      Select the collector VM from the drop-down menu.
    IP Address/FQDN   Enter the IP Address or the FQDN details.
    Username          Enter the user name you want to use for this data source.
    Password          Enter the password.
  5. Click Validate.
  6. Define the polling interval for the configuration data collection. You can set the polling interval from 10 minutes to 7 days.
    • Preset - Select the interval time from the predefined time set.
    • Custom Interval - Set a value and select Minutes, Hours, or Days.
    • Fixed Schedule - Select the days and set the time to schedule the interval.
  7. (Optional) In the Nickname text box, enter a nickname.
  8. (Optional) In the Notes text box, add a note if necessary.
  9. Click Submit.

What to do next

VMware Aria Operations for Networks supports the following features of Fortinet FortiGate firewall:
  • Layer 3 Routing (IPv4)
  • Security Policy
  • Security Zone
  • NAT (Network Address Translation)
  • Virtual Domain