Information
Ensure Root FortiGate is configured as security fabric root
Rationale:
Without a root FortiGate configured the security fabric is not functional and can not be leveraged
Impact:
Without Security Fabric enabled visibility and management of traffic throughout an organization is decreased and individual FortiGate management becomes more intensive
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Remediation through the GUI:
To configure root FortiGate status go to 'Security Fabric' -> Fabric Connectors and then select 'Security Fabric Setup'
On the root FortiGate set the status to enabled and the Security Fabric Role to 'Serve as Fabric Root'
Configure FortiAnalyzer settings when prompted and define a Fabric name as well as interfaces that will 'Allow other Security Fabric Devices to Join'.
Default Value:
Disabled