Fortinet FortiManager 200G
Automation-Driven Centralized Management

Overview:

Manage all your Fortinet devices in a singleconsole central management system. FortiManager provides full visibility of your network, offering streamlined provisioning and innovative automation tools. Integrated with Fortinet’s Security Fabric, the security architecture and FortiManager’s Automation Driven Network Operations capabilities provide a foundation to secure and optimize network security, such as provisioning and monitoring SD-WAN.

Orchestrate Fortinet security devices and systems on-premise or in the cloud to streamline network provisioning, security policy updates, and change management.

Automate your time-intensive processes and accelerate workflows to offload NOC-SOC, reduce administrative tasks, and address talent shortages.

Optimize Visibility to the entire digital attack surface and awareness of increasing cyber threats from one centralized location, through accurate detection, automated correlation, and rapid response features.

Key Features

• Single Console Management - Manage FortiGates and its subordinate FortiSwitches, FortiAP, and FortiExtender. Provide signature updates to FortiMail, FortiSandbox, and FortiClient
• Security Automation - Reduce complexity and costs by leveraging automated REST API, scripts, connectors, and automation stitches
• Centralized Policy and Device Management - Centrally manage up to 100,000+ devices and policies such as firewalls, switches, and access points
• Zero-Touch Provisioning - Automate workflows and configurations for Fortinet firewalls, switches, and wireless infrastructure
• Secure SD-WAN Provisioning and Monitoring - Provision and monitor Secure SD-WAN from one console across your network, branch offices, or campuses
• Multi-Tenancy and Administrative Domains (ADOMs) - Separate customer data and manage domains leveraging ADOMs to be compliant and operationally effective
• Enterprise-Grade High Availability and Integration - Automate backups to up to five nodes with streamlined software and security updates for all managed devices

Highlights:

Single Pane Automation and Orchestration

FortiManager provides insight into network traffic and threats through a single-pane-of-glass and offers enterprise-class features and sophisticated security management for unified, end-to-end protection to contain advanced threats. FortiManager also delivers the industry’s best scalability to manage up to 100,000 Fortinet devices. FortiManager, coupled with the FortiAnalyzer family of centralized logging and reporting appliances, provides a comprehensive and powerful centralized management solution for your organization.

Central Management of Network Infrastructure

FortiManager provides a rich set of tools to help network admins centrally manage Security Fabric devices such as firewalls, switches, wireless wan extenders, access points, and VPNs from a single console, including capabilities to facilitate simplified deployments, centralized provisioning, and connection monitoring for VPNs, APs, SD-WAN, and more.

Configuration and Settings Management

Collectively configure device settings, use the new enhanced provisioning templates to assign firmware and policy packages during approval, and advance CLI templates for improved management of a large number of devices. Automatic device configuration backups with revision control and change auditing make daily administrative tasks easy.

Management Extensions

FortiManager’s Management Extensions pane allows rapid expansion of the Single Pane to manage more Security Fabric products. The built-in engine runs containerized management extension applications (MEAs), pulled from FortiGuard. FortiManager’s management extensions include modules to allow use of the following:

SD-WAN Orchestrator for all configuration, management, and monitoring of FortiGates on your SD-WAN network.

FortiPortal for cloud-based security and log management, allowing Managed Security Service Providers to delegate controlled access to device configuration and analytics.

FortiWLM to monitor, operate, and administer wireless networks on FortiGates that are managed by FortiManager

FortiSigConverter to import network intrusion detection rules directly into FortiManager and convert them to Fortinet supported IPS signatures.

FortiAuthenticator for identity and access management, allowing admins to provide access to protected network assets, and track user activity and compliance with security policies.

SD-WAN Orchestration and Analytics

FortiManager offers powerful SD-WAN management capabilities using intuitive workflow and simplified provisioning at scale. Enhanced SD-WAN analytics to monitor application performance and bandwidth utilization per WAN link. Leverage application centric SD-WAN business policies to fine-tune traffic steering decisions based on performance SLA targets for each WAN provider. Provide flexible deployment options for SD-WAN orchestrator, an add-on to FortiManager.

API for Automation and Orchestration

RESTful API allows MSSPs/ large enterprises to create customized, branded web portals for policy and object administration. Automate common tasks such as provisioning FortiGates and configuring existing devices. Join Fortinet Developer Network (FNDN) to access exclusive articles, how-to content for automation and customization, community-built tools, scripts, and sample code.

Security Policy Management

A Per Policy Lock has been added to 6.4 which allows admins to control the policy change by implicitly locking a policy rule when a policy is changed. Group commonly used security policies in a policy block and insert as needed in different Policy Packages. The global policy feature allows companies such as telecom, MSSP, and SAAS providers to apply a header/footer policy at the ADOM level to all policy packages or select packages. Both the Policy and Objects views now include a revision history, providing an account of admins who have made changes, change date, summary, and a mandatory change notes field for capturing reason of the change.

Multi-Tenancy and Role-Based Administration

FortiManager equips admins with granular device and role-based administration for deploying zero-trust, multi-tenancy architecture to large enterprises with a hierarchical objects database to facilitate re-use of common configurations and serve multiple customers. ADOMs are used to manage independent security environments, each with its own security policies and configuration database, and the intuitive GUI makes it easy to view, create, clone, and manage ADOMs. The zero-touch deployment uses templates to provision devices for quick mass deployment, and also supports firmware version enforcement. Define global objects such as Firewall Objects, Policies and Security Profiles to share across multiple ADOMs. Granular permissions allow assigning ADOMs, devices and policies to users based on role and responsibilities. FortiManager’s new IPS admin is a restricted user role for performing only IPS related object configuration and install.

Integration and Security Fabric

FortiManager integrates with ITSM to mitigate security events, apply configuration changes and update policies, as well as seamless integration with FortiAnalyzer for in-depth discovery, analyses, prioritization, and reporting of network security events. Use fabric connectors to facilitate connections with third-party vendors like vCenter, pxGrid, Clearpass, OCI, ESXi, AWS, and others to share and exchange data. FortiManager’s workflow for audit and compliance enables review, approval, and auditing policy changes including automating processes for policy compliance, policy lifecycle management, and enforced workflow to reduce risk.

Network and Security Operations Visibility

Automated data exchanges between security (SOC) workflows and operational (NOC) workflows, creating a single, complete workflow that not only saves time, but also provides the capacity to complete additional incident response activities. FortiManager’s NOC-SOC delivers advanced data visualization to help analysts quickly connect dots and identify threats, simplifying how organizations deliver security and remediate breaches, data exfiltration, and compromised hosts.

Monitor and Report for Deep Visibility

Monitor health of FortiGate devices in the Device Manager, with resource usage and network monitors for status of DHCP, IPsec and SSL VPN, routing, traffic shapers, and more. Use Fabric View to check Security Fabric Ratings and configurations of FortiGate devices or groups. Access vital security and network statistics, as well as real-time monitoring and topology information to provide visibility into network and user activity. For more powerful analytics, combine with a FortiAnalyzer appliance or VM for additional data mining, statistical analyses, and graphical reporting capabilities.

FortiManager High Availability

FortiManager high availability (HA) provides enhanced reliability, data protection, redundancy, and operational performance to ensure agreed uptimes and availability. In the event that the operating FortiManager unit fails, a backup FortiManager (one primary and up to four secondary) unit can take the place of the failed unit, making sure that companies have seamless access to their devices and business-critical network operations.

Specifications:

	FortiManager 200G	FortiManager 300F	FortiManager 400E	FortiManager 2000E	FortiManager 3000F
Capacity and Performance
Devices/VDOMs (Maximum)1	30	100	300	1,200	4,000
Sustained Log Rates	50	50	50	50	150
GB/Day	2	2	2	2	10
Hardware Specifications
Storage Capacity	8 TB (2 x 4 TB)	16 TB (4 x 4 TB)	24 TB (8x 3 TB)	36 TB (12x 3 TB)	48 TB (16x 3 TB)
Usable Storage (After RAID)	4 TB	8 TB	21 TB	30 TB	42 TB
RAID Levels Supported	RAID 0/1	RAID 0/1/5/10	RAID 0/1/5/6/10/50/60	RAID 0/1/5/6/10/50/60	RAID 0/1/5/6/10/50/60
Default RAID	1	10	50	50	50
Hardware Form Factor	1 RU Rackmount	1 RU Rackmount	2 RU Rackmount	2 RU Rackmount	3 RU Rackmount
Total Interfaces	4xRJ45 GE	4 x GbE RJ45, 2 x SFP	2x GE	4x GE, 2x 10 GE SFP+	4x GE, 2x 10 GE SFP+
Console Port	RJ45	RJ45	DB-9	DB-9	DB-9
Removable Hard Drives	No
Redundant Hot Swap Power Supplies	No	No
Chassis Management
Dimensions
Height x Width x Length (inches)	1.73 x 17.24 x 16.38	1.75 x 17.44 x 22.16	3.5 x 17.2 x 25.2	3.5 x 17.2 x 25.6	5.2 x 17.2 x 25.5
Height x Width x Length (cm)	4.4 x 43.8 x 41.6	4.4 x 44.3 x 56.3	8.9 x 43.7 x 64.8	8.9 x 43.7 x 64.8	13.2 x 43.7 x 64.8
Weight	22.5 lbs (10.2 kg)	28.6 lbs (13.0 kg)	52 lbs (23.6 kg)	58 lbs (26.3 kg)	76 lbs (34.5 kg)
Environment
AC Power Supply	100-240V 60-50Hz	100–240V AC, 50-60 Hz	100–240V AC, 50-60 Hz	100–240V AC, 50–60 Hz	100–240V AC, 50–60 Hz
Power Consumption (Average / Maximum)	90.1W / 99 W	108W / 186W	192.5W / 275W	293.8W / 354W	449W / 541W
Heat Dissipation	337.8 BTU/h	634 BTU/h	920 BTU/h	1209 BTU/h	1846.5 BTU/h
Operating Temperature	32 - 104° F (0 - 40° C)	32 - 104° F (0 - 40° C)	41 - 95° F (5 - 35° C)	50–95°F (10–35°C)	50–95°F (10–35°C)
Storage Temperature	-13–167ºF (-25–75ºC)	-31–158ºF (-35–70ºC)	-40 - 140° F (-40 - 60° C)	-40–158°F (-40–70°C)	-40–158°F (-40–70°C)
Humidity	20 to 90% non-condensing	20 to 90% non-condensing	8 to 90% non-condensing	8 to 90% non-condensing	8 to 90% non-condensing
Operating Altitude	Up to 7,400 ft (2,250 m)	Up to 7,400 ft (2,250 m)	Up to 9,842 ft (3,000 m)	Up to 7,400 ft (2,250 m)	Up to 7,400 ft (2,250 m)
Compliance
Safety Certifications	FCC Part 15 Class A, RCM, VCCI, CE, UL/cUL, CB	FCC Part 15 Class A, C-Tick, VCCI, CE, BSMI, KC, UL/cUL, CB, GOST

¹ Each Virtual Domain (VDOM) operating on a physical or virtual device counts as one (1) licensed network device
* FGT 7000 Series is supported on all FMG models and does not require Chassis Management.

Documentation:

Download the Fortinet FortiManager Series Datasheet (PDF).