Configuration Guide for FortiCloud Organizational Units with FortiGSLB
Introduction to FortiCloud Organizational Units
In the rapidly evolving landscape of IT infrastructure, having a centralized management system is imperative for seamless operations. FortiCloud Organizational Units (OUs) provide just that, particularly within the FortiGSLB ecosystem. FortiGSLB's support for FortiCloud Organization brings all your Fortinet SaaS solutions under a single, unified control point. This blog guides you on optimizing your configuration to harness the full potential of this integration.
Understanding the Impact of FortiCloud Integration
Integrating FortiCloud Organizational Units can significantly alter your existing FortiGSLB services:
- Single OneClick Organization: If your current setup involves only one FortiGSLB Cloud legacy organization of type OneClick, integration will leave your services unaffected.
- Multiple or Non-OneClick Organizations: Here, you will face limitations, such as the inability to create Fully Qualified Domain Names (FQDNs) or perform synthetic testing on the Organization page.
For those opting against migrating their legacy organizations, resources need to be moved to a OneClick legacy organization. Otherwise, assistance can be sought via Forticare to alter your organization's type.
Steps to Utilize FortiCloud Organization
Let's delve into the step-by-step guide to leveraging FortiCloud's Organizational capabilities:
1. Turn on the Organization Feature
- Go to My Account > My Account (IAM version) > Account Preferences and click Enable Organization Feature.
2. Create Organizations
- Visit support.fortinet.com and follow detailed steps for creating your organization.
3. Manage Member Accounts
Member accounts in a FortiCloud organization are independent entities but linked to the primary account. This allows individual departments to function autonomously yet stay connected centrally. However, it's crucial to note that AM users and permission profiles stemming from a member account cannot access Organizational Units (OUs).
- Refer to 'Creating new member accounts' for detailed instructions.
4. Develop Permission Profiles
These profiles dictate the access level granted to users. Establish your profiles before assigning them to users:
- Check 'Creating a permission profile' for comprehensive details.
5. Configure IAM Users
IAM users symbolize identities within a FortiCloud account, with permissions meticulously controlled by the primary account:
- Create IAM users as needed following the 'Creating a new IAM user' guide.
6. User Management
IAM users hold varied responsibilities based on their Type. You can opt to edit IAM user settings or create new ones for organizational needs:
- Refer to 'Viewing assets in the Organization' for managing IAM user access across different member accounts.
Switching Between Organizations
Flexibility in switching between different organizations ensures quick adaptation to changing operational demands:
- Log into the FortiGSLB portal and choose the required account from the selection page.
- Switch using the dropdown menu positioned at the top right corner.
Transferring One-click Devices
When reallocating devices within the FC organization portal, bear the following in mind:
- Deactivated transferred devices, servers, and virtual servers during the account migration process.
- Sync issues with FQDNs until old account data is purged.
- Update Name Server records on your Domain Name Registrar’s platform if DNS server details have changed.
This comprehensive setup will ensure that your FortiGSLB services under the FortiCloud organization run smoothly and efficiently. Revolutionizing control over your network infrastructure has never been easier.