06. Global ADOM And Central Management Flashcards
Assign global policy package
Explicitly assign global policy package to required ADOM
Global policies with multiple ADOMs
different ADOMs can use separate global policies
Types of policies in Global Database ADOM
Header policy - located at the top of the policy package in the individual ADOM
Footer policy - policies located at the bottom of the policy package in the individual ADOM
Global objects
global objects start with “g” and are edited or deleted in the global ADOM only.
Global header policy appearance
On FMG
Global Database ADOM appear as header policy
On FMG specific fortigate policy package Appears under firewall header policy
On FGT global policy header will appear at the top of firewall policy preceding any other firewall rules
What is the purpose of global ADOM on FMG
A. To push global device level changes to devices in selected ADOM
B. To push similar firewall policies universally to selected ADOMs
B. To push similar firewall policies universally to selected ADOMs
How are global objects identified
A. Global objects starts with “g”
B. Global objects starts with “o”
A. Global objects starts with “g”
Security fabric ratings in FMG
You cannot use FortiManager to generate Security Fabric ratings; you must use FortiOS to generate Security Fabric ratings for a FortiGate Security Fabric group, and then you can see the Security Fabric ratings in FortiManager.
MEA requirements
some MEAs require a minimum amount of memory or a minimum number of CPU cores.
RAM and CPU are capped at 50% for MEAs
FortiManager uses port TCP port 443 or TCP port 4443 to connect to the Fortinet registry and download MEAs. Make sure that the port is also open on any upstream FortiGate devices.
Some MEA require RW JSON API access
Which of the following is requirement for MEA
A. Open tcp port 80
B. RW JSON API access
B. RW JSON API access