Scribd
Upload
33 views

DR Fortigate Interface Migration plan

Uploaded by

Raj Khanna
Copyright
© © All Rights Reserved
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
33 views

DR Fortigate Interface Migration plan

Uploaded by

Raj Khanna
Copyright
© © All Rights Reserved
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
You are on page 1/ 5

Phases Activity

Prerequisites
Task 1 IP address and VLAN details
Task 2 Security Policy details which are to be cloned
Task 3 Fiber Cables and SFP Connectors availability for Firewall and Switch
Task 4 Free 10G Port on DR- DMZ-SW with SFP Tested
Task 5 Free 10G Port on DR- Fortigate with SFP Tested
Task 6 Backup of DR Fortigate Firewall and DMZ switch
Pre-activity Configuration

Task 1 Configuration of 10G Interface with Dummy IP on Firewall for DMZ Network

Task 2 Cloning of DMZ policies (approx. 50) while replacing Old Interfaces (1G Aggregated) with
new 10G Interface in all the policies

Task 3 Verification of Security Policies and Interface Configuration

Task 4 Configuration of new 10G port on DR-DMZ switch for DMZ Network ( Vlan 6 )

Configuration of Fortigate during Activity

Task 1 Removal of the IP address from 1G Aggregated Interface and Configuration of the same IP
address on 10G interface

Task 2 Connecting the Fiber cable physically on 10G interfaces on Firewall from Switch
Task 3 Verification of Interface status and monitoring the traffic flow
Task 4 Two days of Hypercare
Rollback

Task 1 Reverting the backup to original Configuration on Fortigate Firewall

Task 2 Removal of new Interface configuration from Switch


DR Fortigate Interface Migra
Execution

NA
NA
NA
NA
NA
NA

• Login into Firewall


• Navigate to Network Option
• Click on the Interface and select the New 10G interface
• Configure Dummy IP details

• Navigate to Policy and Object Option


• Click on the Firewall Policy menu
• Select the policy related to DMZ, right click and copy the policy
• Paste the policy above implicit deny rule and replace the old DMZ interface with new 10G Interface
• Do this for all DMZ policies

NA
• Login to the DR-DMZ Stack Switch
• configure the new 10G port to DR-DMZ SW

• Login into Firewall


• Navigate to Network Option
• Click on the aggregated Interface and remove the IP address details
• Click on the 10G interface and configure the IP address details on the Interface

Physical Cable connectivity


NA
NA

Navigate to Admin option, click on Configuration, Restore and select the Backup File to restore to old
configuration
Disable the new changes and keep the switch configuration to the OLD running config
DR Fortigate Interface Migration
Responsibility Task Owner Downtime/ Maintenance (Yes/No) Planned Start Date & Time

HDBFS Dhaval C No NA
HDBFS Dhaval C No NA
HDBFS Dhaval C No NA
HDBFS Dhaval C No NA
HDBFS Dhaval C No NA
HDBFS Dhaval C No NA

Softcell Nikhil M No 5/29/2021

Softcell Nikhil M No 5/29/2021

HDBFS/Softcell Dhaval C / Nikhil M No 6/1/2021


Softcell Ranjit S No 6/1/2021

Softcell Nikhil M Yes 03-06-2021 20:00hrs

HDBFS Dhaval C Yes 03-06-2021 20:20hrs


HDBFS/Softcell Dhaval C / Nikhil M Yes 03-06-2021 20:35hrs
HDBFS/Softcell Dhaval C / Nikhil M No 6/4/2021

Softcell Nikhil M Yes 03-06-2021 21:30hrs


Softcell Ranjit S No 03-06-2021 21:30hrs
Planned End Date & Time Actual Start Date & Time Actual End Date & Time Activity Time Window Status

NA Offline
NA Offline
NA Offline
NA Offline
NA Offline
NA Offline

5/29/2021 NA NA 20 mins

5/31/2021 NA NA 2 days

6/1/2021 NA NA 1 day

6/1/2021 NA NA 20 mins

03-06-2021 20:20hrs 20 Mins

03-06-2021 20:35hrs 15 Mins


03-06-2021 20:55hrs 20 Mins
6/5/2021 2 days

03-06-2021 22:00hrs 30 mins

03-06-2021 21:40hrs 10 mins


Remarks

You might also like