FortiGate orchestration

How to manage multiple FortiGate instances without FortiManager

How to manage multiple FortiGate instances without FortiManager. Simple python scirpt. Ansible alternative.


When to use:

To gather small diagnostic data

Configure security profiles

Make small changes in configuration, such as syslog, ttl etc.



When NOT to use:

Firewall policy configuration

Interface configuration



Download

Local download here



Usage

1. Edit inventory file
2. (Note) You don't have to put FG administrator here. You will be prompted for password (-p option)
3. (Note) You can have multiple inventory files
4. Check modules directory and scripts inside
5. Create your own scripts (copy commands from FG unit)


python.exe fw_manager.py -i fortigate -c fg_time

---------------------------------Fw_TRANA---------------------------------

Tran-B $ System time: Fri Nov 4 12:37:33 2016
Tran-B $
Tran-B $ timezone : (GMT+1:00)Sarajevo,Skopje,Warsaw,Zagreb
Tran-B $
Tran-B $ ntpsync : enable
Tran-B $
Tran-B $ type : fortiguard
Tran-B $
Tran-B $
Tran-B $

---------------------------------Fw_TRANB---------------------------------

Tran-A $ System time: Fri Nov 4 12:37:38 2016
Tran-A $
Tran-A $ timezone : (GMT+1:00)Sarajevo,Skopje,Warsaw,Zagreb
Tran-A $
Tran-A $ ntpsync : enable
Tran-A $
Tran-A $ type : fortiguard
Tran-A $
Tran-A $
Tran-A $


python fw_manager.py -i inventory -c fg_perf

---------------------------------Fw_TRANA---------------------------------

Tran-B $ conservemode: 0
Tran-B $ Tran-B $
Tran-B $ CPU states: 0% user 2% system 0% nice 98% idle
CPU0 states: 0% user 2% system 0% nice 98% idle
Memory states: 52% used
Average network usage: 4656 kbps in 1 minute, 4335 kbps in 10 minutes, 4308 kbps in 30 minutes
Average sessions: 6747 sessions in 1 minute, 6340 sessions in 10 minutes, 6294 sessions in 30 minutes
Average session setup rate: 67 sessions per second in last 1 minute, 67 sessions per second in last 10 minutes, 55 sessions per second in last 30 minutes
Virus caught: 0 total in 1 minute
IPS attacks blocked: 0 total in 1 minute
Uptime: 62 days, 2 hours, 28 minutes
Tran-B $
Tran-B $

---------------------------------Fw_TRANB---------------------------------

Tran-A $ conservemode: 0
Tran-A $ Tran-A $
Tran-A $ CPU states: 1% user 2% system 0% nice 97% idle
CPU0 states: 1% user 2% system 0% nice 97% idle
Memory states: 50% used
Average network usage: 1238 kbps in 1 minute, 1479 kbps in 10 minutes, 1468 kbps in 30 minutes
Average sessions: 2102 sessions in 1 minute, 1902 sessions in 10 minutes, 1867 sessions in 30 minutes
Average session setup rate: 12 sessions per second in last 1 minute, 16 sessions per second in last 10 minutes, 15 sessions per second in last 30 minutes
Virus caught: 0 total in 1 minute
IPS attacks blocked: 0 total in 1 minute
Uptime: 208 days, 6 hours, 29 minutes
Tran-A $
Tran-A $