What are the administration methods for FortiGates and are all features available across all methods?
A quick refresher on FortiGate admin methods
💡
This is part of an on-going series in cybersecurity foundations. Check the cyber 101 article tag index from time to time for more content.
For today's topic, let's briefly discuss the options available for managing FortiGates. There's essentially four methods:
- CLI - This allows the FortiGate to be controlled via admin-driven commands.
- Examples: Access via SSH clients, physical console port connectivity, GUI widget.
- API - This allows the FortiGate to be controlled/updated via programmatic tools.
- Example: Terraform, Ansible, Fortinet Developer network, etc.
- FortiManager - This is Fortinet's own centralized management product/platform for device administration.
- GUI - The local web interface for a FortiGate device.
Most features should be available across the various methods but it's worth nothing that there are a few differences/exceptions. For example, the CLI method can't view reports... but it does have some diagnostic commands not available in the GUI.
One more thing: keep in mind that some admin methods can have different user types. For example, you can create a "REST API admin" credential which would allow a custom application to initiate changes via the API itself.
For additional reading, check out the following:
Using the GUI | Administration Guide
Using the CLI | Administration Guide
