Ensure Root FortiGate is configured as security fabric root Rationale: Without a root FortiGate configured the security fabric is not functional and can not be leveraged Impact: Without Security Fabric enabled visibility and management of traffic throughout an organization is decreased and individual FortiGate management becomes more intensive NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Remediation through the GUI: To configure root FortiGate status go to 'Security Fabric' -> Fabric Connectors and then select 'Security Fabric Setup' On the root FortiGate set the status to enabled and the Security Fabric Role to 'Serve as Fabric Root' Configure FortiAnalyzer settings when prompted and define a Fabric name as well as interfaces that will 'Allow other Security Fabric Devices to Join'. Default Value: Disabled