I am a Network and Security Engineer at a small tech consulting company.
I am about to import the backup configuration file of my hardware-based FortiGate firewall onto my VM-based FortiGate firewall.
Can you please assist me with the procedure?
Thank you for your help.
Senior IT Consultant at Gateway information networks
Mar 30, 2023
To import hardware from the FortiGate firewall backup configuration file to the FortiGate-VM firewall, you can follow these steps:
Export the backup configuration file from the FortiGate firewall. You can do this by navigating to System > Dashboard > Status and selecting the Download button under the Configuration section.
Save the backup configuration file to your computer.
Log in to the FortiGate-VM firewall and navigate to System > Maintenance > Backup & Restore.
Select the Import button to upload the backup configuration file.
In the Import Configuration dialog box, select the file type as "Full Configuration."
Browse and select the backup configuration file that you saved on your computer.
Select the Import button to start the import process.
Wait for the import process to complete. This may take a few minutes.
Once the import process is complete, the FortiGate-VM firewall will reboot to apply the new configuration.
After the FortiGate-VM firewall has rebooted, you can verify that the hardware configuration has been imported by navigating to System > Dashboard > Status and checking the system information.
It's important to note that the hardware configuration of the FortiGate firewall may not match the hardware configuration of the FortiGate-VM firewall. You may need to make manual adjustments to the configuration to ensure compatibility with the FortiGate-VM hardware. It's recommended to consult the Fortinet documentation or contact Fortinet support for assistance with this process.
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fortigate is very stable, reliable, and consistent. We like that we can manage the entire network from one interface; there is no going back and forth as some other solutions force you to do. Fortinet Fortigate firewalls have access point controller functionality built right into the system; there is no need for additional devices. This solution offers great built-in features for web filtering, and the VPN is an extremely valuable feature.
The reporting with Fortinet Fortigate needs some degree of customization so that more usable reports can be created. If you want extra features, you need to buy extra licenses, which can get expensive quickly. We wish we could get more with the general license. We would also like to see better cloud management.
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco ecosystem, it is very simple to handle. This solution has traffic inspection and the Firepower engine, which provides good application visibility and control. Cisco ASA gives you full details, traffic monitoring, and threat monitoring. The solution has very solid encryption and multi-factor authentication. It is a great option to enable seamless work-from-home options.
The front-end configuration with Cisco ASA can be tough, though - there are too many steps in this process. It would also be better if there was a clear view of the integrations and the easiest way to complete them. In inexperienced hands, the Cisco ASA interface can be pretty daunting. An improved GUI would make this product much more user-friendly and competitive with other products. This solution can also be very expensive.
We chose Fortinet Fortigate. It is a better fit for us. We have clients that still have many team members working remotely and the VPN that Fortinet Fortigate provides is extremely valuable. The antivirus and the IPS intrusion prevention help add to the overall reliability and stability of Fortinet Fortigate.
Better is very subjective. If you want a firewall that your Cisco-trained engineers can integrate with your Cisco routers and Cisco switches and that supports Cisco proprietary protocols, or you need a firewall that runs at terabit speeds and integrates with FortiSwitch, I bet you know the answer.
Headline, Fortigates are fixed-port appliances, with really good hardware acceleration and a big security integration fabric.
Cisco ASA (and now Firepower) can be modular, where you choose the ports you need, but tend to cost more for the same amount of throughput and tend not to have as much integration with other parts of the security world.
There is a lot more to say but pick the things that are important to you.
I think they are for two different businesses with different digital strategies as well.
On the one hand, we have the option of consolidating everything in a single box and on the other, putting together a solution with parts and pieces that are more robust but also more complex.
And don't forget the look of the technology departments where an option clearly requires less expert level to exploit the acquired infrastructure. This is where the concept of Service appears, which in my understanding has already had to evolve from the traditional times of responses and product catalogs.
CISCO ASA is a great product, easy trouble shooting on Cmd line and GUI interface,best Cisco Support