Fortinet Fabric Connectors for SDN and Cloud

Automated Object Synchronization in SDDC and Hybrid Cloud Environments

In increasingly dynamic network environments, security solutions must be ever more tightly coordinated with networking and other IT infrastructure to provide agility in the face of fast-paced and rapidly changing operations. Fortinet Fabric Connectors feature APIs and other interfaces to make them highly extensible platforms. They provide out-of-thebox or built-in integration mechanisms and orchestration of FortiGate or FortiManager with key SDN and public cloud solutions — including with leading vendors such as Cisco, VMware, Nuage Networks, AWS, Azure, Oracle Cloud, and others.

FEATURE HIGHLIGHTS

How do they work?

Fortinet Fabric Connectors for SDN (private clouds) and Cloud (public clouds), formerly known as Fortinet SDN Connector, enable either FortiGate as a standalone system, or FortiManager, which manages multiple FortiGates, to integrate with the third-party SDN or cloud platforms to synchronize dynamic address group objects that the FortiGate firewall policy protects. No matter how objects change their forms and locations in elastic and volatile fashions, FortiGate can identify them as Address objects, which can be used as sources and destinations, and apply appropriate firewall policies automatically without administrator’s manual intervention. Fortinet Fabric Connector is deployed to integrate between FortiGate or FortiManager and third-party technology solutions. FortiManager is optional. 

FEATURESFEATURES

  1. Log in to the Fabric Connector VM and FortiGate/FortiManager, open the GUI console, and configure Fabric Connector to import dynamic address group objects from the SDN (or third-party) platform. Make sure that Fortinet components can properly access the SDN platform. You must check the following: 
    • Where authentication is required, make sure you have allowed Fortinet      components to pass it.
    • Where network access is required, make sure you have opened relevant ports between the SDN platform and Fortinet components.
  2. Create appropriate filter conditions to create specific groups of Address objects if required.
  3. Once the Fabric Connector VM/FortiGate/ FortiManager acquires connectivity to the SDN platform, it automatically imports dynamic address group objects based on matching filters and then store them as Firewall Address objects. If the content of the dynamic objects changes, it is automatically updated through the Fabric Connector. No manual action is required.

Leave a comment

Hey, so you decided to leave a comment! That's great. Just fill in the required fields and hit submit. Note that your comment will need to be reviewed before its published.