Athena NGFW (previously known as Network Secure) provides comprehensive protection for every network perimeter, ensuring the safety of your valuable assets, data, and users from emerging threats.
The NGFW virtual system mainly provides Layer 4 network capabilities and has no Layer 7 virtualization capabilities, and virtualized firewalls support routing mode only. It therefore cannot directly replace the FortiGate VDOM feature. During migration, choose a solution based on the customer’s business requirements. Before migration, confirm with the customer why VDOMs were originally used on the FortiGate firewall:
If the purpose is to divide and isolate networks for easier management, it is recommended that the customer perform consolidation directly. On a FortiGate, a physical interface can belong to only one VDOM, never to several. On the NGFW, the network interfaces can therefore be divided manually, and zones can be selected in policies to achieve logical isolation. Different policy groups can also be created on the NGFW, so that the policy configurations of the different VDOMs are managed through grouping.
If the customer uses VDOMs to resolve internal network segment conflicts by isolating the conflicting segments in separate VDOMs, or wants routing isolation so that routes in different virtual firewalls do not affect each other, network adjustments will be required, because the NGFW virtual system does not support these scenarios.
Note: The current configuration conversion tool does not support FortiGate VDOM configuration migration. If you wish to change the VDOM configuration, please contact a Sangfor engineer.
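One way to see before migration whether the second case applies is to check whether interfaces assigned to different VDOMs carry overlapping IPv4 subnets. The script below is an added example, not Sangfor or Fortinet tooling; it assumes a FortiOS configuration backup in which each interface under `config system interface` has `set vdom` and `set ip` lines, and the function names and sample data are hypothetical.

```python
import ipaddress
import re
from itertools import combinations

# Constructed sample in FortiOS backup syntax; names and addresses are made up.
SAMPLE_CONFIG = """
config system interface
    edit "port1"
        set vdom "root"
        set ip 192.168.1.1 255.255.255.0
    next
    edit "port2"
        set vdom "tenant-a"
        set ip 10.10.0.1 255.255.0.0
        config ipv6
            set ip6-allowaccess ping
        end
    next
    edit "port3"
        set vdom "tenant-b"
        set ip 10.10.20.1 255.255.255.0
    next
end
"""

def parse_interfaces(config_text):
    """Return (interface, vdom, network) tuples from 'config system interface'."""
    found, depth, name, vdom, net = [], 0, None, None, None
    for line in map(str.strip, config_text.splitlines()):
        if depth == 0:
            depth = int(line == "config system interface")
        elif line.startswith("config "):
            depth += 1                      # nested block, e.g. 'config ipv6'
        elif line == "end":
            depth -= 1
        elif depth > 1:
            continue                        # ignore settings inside nested blocks
        elif m := re.match(r'edit "(.+)"$', line):
            name, vdom, net = m.group(1), None, None
        elif m := re.match(r'set vdom "(.+)"$', line):
            vdom = m.group(1)
        elif m := re.match(r"set ip (\S+) (\S+)$", line):
            net = ipaddress.ip_interface(f"{m.group(1)}/{m.group(2)}").network
        elif line == "next" and vdom and net is not None and net.prefixlen > 0:
            found.append((name, vdom, net))  # skip unaddressed 0.0.0.0/0 ports
    return found

def cross_vdom_overlaps(interfaces):
    # Interface pairs that sit in different VDOMs but whose subnets overlap.
    return [(a[0], a[1], b[0], b[1]) for a, b in combinations(interfaces, 2)
            if a[1] != b[1] and a[2].overlaps(b[2])]
```

An empty result from `cross_vdom_overlaps` is consistent with the consolidation path using zones and policy groups; any reported pair points to address space that will need network adjustments first.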