Using Virtual Domains; Virtual Domains; Benefits Of Vdoms - Fortinet FortiGate Series Administration Manual


Using virtual domains

FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903
http://docs.fortinet.com/
This section describes virtual domains (VDOMs) along with some of their benefits, and
how to use VDOMs to operate your FortiGate unit as multiple virtual units.
If you enable VDOMs on the FortiGate unit, you configure virtual domains globally for the
FortiGate unit.
To get started working with virtual domains, see "Enabling VDOMs" on page 164.

This section describes:
- Virtual domains
- Enabling VDOMs
- Configuring VDOM resource limits
- Configuring VDOMs and global settings

Virtual domains (VDOMs) are a method of dividing a FortiGate unit into two or more virtual
units that function as multiple independent units. A single FortiGate unit is then flexible
enough to serve multiple departments of an organization, separate organizations, or to act
as the basis for a service provider's managed security service.

Some benefits of VDOMs are:
- Easier administration
- Continued security maintenance
- Savings in physical space and power

VDOMs provide separate security domains that allow separate zones, user authentication,
firewall policies, routing, and VPN configurations. Using VDOMs can also simplify
administration of complex configurations because you do not have to manage as many
routes or firewall policies at one time. For more information, see "VDOM configuration
settings" on page 160.
By default, each FortiGate unit has a VDOM named root. This VDOM includes all of the
FortiGate physical interfaces, modem, VLAN subinterfaces, zones, firewall policies,
routing settings, and VPN settings.
You can also assign an administrator account restricted to that VDOM. If the VDOM is
created to serve an organization, this feature enables the organization to manage its own
configuration.
Management systems such as SNMP, logging, alert email, FDN-based updates and NTP-
based time setting use addresses and routing in the management VDOM to communicate
with the network. They can connect only to network resources that communicate with the
management virtual domain. The management VDOM is set to root by default, but you
can change it. For more information, see "Changing the management VDOM" on page 172.
