Currently, many projects are being launched, the purpose of which is to replace existing means of information protection. And this is not surprising - attacks are becoming more sophisticated, many defenses can no longer provide the proper level of security. In the course of such projects, various difficulties occur - the search for suitable solutions, attempts to “squeeze” into the budget, deliveries, and migration directly to a new solution. In this article, I want to tell you what Fortinet offers so that the transition to a new solution does not turn into a headache. Of course, we will focus on the transition to the product of Fortinet itself - a new generation of FortiGate firewall .
In fact, there are several such proposals, but all of them can be combined under one name - FortiConverter.
The first option is Fortinet Professional Services. It is an individual advisory service for migration. Its use allows not only to simplify your task, but also to avoid pitfalls that may arise during the migration process. A sample list of services sold is as follows:
- Developing a solution architecture using best practices, writing various manuals describing this architecture;
- Development of migration plans;
- Migration risk analysis;
- Putting devices into operation;
- Transferring the configuration from the old solution;
- Direct support and troubleshooting;
- Development, evaluation and implementation of test plans;
- Post-switch incident management.
To use this option, you can write to us .
The second option is FortiConverter Migration Tool software. With it, you can convert the configuration of third-party equipment into a configuration suitable for use on FortiGate. The list of third-party manufacturers supported by this software is presented in the figure below:
This is actually not a complete list. For a complete list, see the FortiConverter User Guide.
The standard set of parameters to be converted is as follows: interface settings, NAT parameters, firewall policies, static routes. But this set can vary greatly depending on the equipment and its operating system. Detailed information about the parameters to be converted from a specific device can also be found in the FortiConverter User Guide. It is worth noting that migration from older versions of FortiGate OS is also possible. In this case, all parameters are converted.
This software is purchased according to the annual subscription model. The number of migrations is not limited. This can greatly help if several migrations are planned during the year. For example, when replacing equipment both on the main sites and in branches. An example of the program can be seen further:
And the third, final option is FortiConverter Service. It is a one-time migration service. Migration is subject to the same parameters that can be converted through the FortiConverter Migration Tool. The list of supported third-party manufacturers is similar to the one presented above. Migration from older versions of FortiGate is also supported.
This service is only available when upgrading to FortiGate E and F Series models, as well as to FortiGate VM. The list of supported models is presented below:
This option is good because the converted configuration is loaded into an isolated test environment with the target FortiGate operating system in order to verify the correct execution of the configuration and its debugging. This can significantly reduce the amount of resources needed for testing, as well as avoid many unforeseen situations.
To use this service, you can also write to us .
Each of the options considered can significantly simplify the migration process. Therefore, if you are afraid of difficulties when switching to another solution, or have already encountered them, do not forget, you can always find help. The main thing is to know where to look;)