VMware ESXi Administration Guide

FortiManager 7.6.0
FORTINET DOCUMENT LIBRARY
https://docs.fortinet.com

FORTINET VIDEO LIBRARY

https://video.fortinet.com

FORTINET BLOG
https://blog.fortinet.com

CUSTOMER SERVICE & SUPPORT

https://support.fortinet.com

FORTINET TRAINING & CERTIFICATION PROGRAM

https://www.fortinet.com/training-certification

FORTINET TRAINING INSTITUTE

https://training.fortinet.com

FORTIGUARD LABS
https://www.fortiguard.com

END USER LICENSE AGREEMENT

https://www.fortinet.com/doc/legal/EULA.pdf

FEEDBACK
Email: techdoc@fortinet.com

December 16, 2024

FortiManager 7.6.0 VMware ESXi Administration Guide
02-760-1055328-20241216
 TABLE OF CONTENTS

Change log 4
About FortiManager on VMware ESXi 5
Licensing 5
Trial license 5
Add-on license 6
Licensing in an air-gap environment 6
Preparing for deployment 7
Minimum system requirements 7
Registering your FortiManager-VM 8
Deployment package for VMware ESXi 9
Downloading a deployment package 9
Compatibility for VM hardware versions 10
Deployment 11
Deploying FortiManager on VMware vSphere 11
Deploying the OVF file 12
Configuring hardware settings 16
Powering on the VM 18
Configuring initial settings 18
Enabling GUI access 18
Connecting to the GUI and enabling a trial license 19
Upgrading to an add-on license 19
Configuring your FortiManager 19
Security Fabric connector integration with VMware vCenter 21
vMotion in a VMware environment 22

FortiManager 7.6.0 VMware ESXi Administration Guide 3

Fortinet Inc.
Change log

Date Change description

2024-07-29 Initial release of FortiManager 7.6.0.

2024-12-16 Updated Minimum system requirements on page 7.

FortiManager 7.6.0 VMware ESXi Administration Guide 4

Fortinet Inc.
About FortiManager on VMware ESXi

This document provides information about deploying a FortiManager virtual appliance in VMware vSphere Hypervisor
(ESX/ESXi) and VMware vSphere Client environments.
This includes how to configure the virtual appliance's virtual hardware settings. This guide presumes that the reader has
a thorough understanding of virtualization servers.
This document does not cover configuring and operating the virtual appliance after successfully installing and starting it.
For that information, see the FortiManager Administration Guide.

Licensing

Fortinet offers the FortiManager-VM with a limited, free trial license. Stackable licenses can be purchased, letting you
expand your VM solution as your environment expands. You can purchase perpetual or subscription-based licenses.
Perpetual licenses never expire.
For information on purchasing a FortiManager-VM license, contact your Fortinet-authorized reseller, or visit How To Buy.
When configuring your FortiManager-VM, ensure that you configure hardware settings acording to the minimum system
requirements and consider future expansion. Contact your Fortinet-authorized reseller for more information.

License Devices/VDOMs GB/day of logs with FortiAnalyzer

enabled (not stackable)

Trial License 3 0
FortiAnalyzer features not supported

VM-10-UG +10 2

VM-100-UG +100 5

VM-1000-UG +1000 10

VM-5000-UG +5000 25

VM-10K-UG +10000 50

See Minimum system requirements on page 7.

See also the FortiManager product datasheet.

Trial license

With a FortiCare account, FortiManager-VM includes a free limited non-expiring trial license.
The free trial license includes support to add 3 devices/VDOMS and use 3 ADOMs.
The free trial license does not include services or support.

FortiManager 7.6.0 VMware ESXi Administration Guide 5

Fortinet Inc.
 About FortiManager on VMware ESXi

You can activate the trial license when you connect to the GUI for the FortiManager-VM. Full-feature products and
services are available for purchase with an add-on license. See Connecting to the GUI and enabling a trial license on
page 19.

Add-on license

You must activate a trial license before you can upgrade FortiManager-VM to a purchased add-on license.
See also the FortiManager VM Trial License Guide on the Document Library.

Licensing in an air-gap environment

Enabling the trial license requires internet access. This is used to connect to FortiCloud and your FortiCare account on
the Technical Support Site. It is also used to receive the license agreement. If you are licensing in an air-gap
environment, see Licensing in an air-gap environment in the FortiManager Administration Guide.

FortiManager 7.6.0 VMware ESXi Administration Guide 6

Fortinet Inc.
Preparing for deployment

You can prepare for deployment by reviewing the following information:

l Minimum system requirements
l Registering your FortiManager-VM
l Deployment package for VMware ESXi on page 9
l Downloading a deployment package

Minimum system requirements

FortiManager-VM has a minimum requirement of 4 CPU, 8 GB of RAM, and 500 GB of disk

storage. In 7.2.5 and later and 7.4.1 and later, the minimum requirement for RAM is increased
to 16 GB.

The following table includes example minimum system requirements for your VM hardware based on the number of
devices/VDOMs that your VM will manage. This table is not inclusive of all scenarios and is based on the minimum
requirements introduced in version 7.4.1.

Maximum devices/ VDOMs VM hardware requirements

RAM (GB) CPU cores

100 16 4

300 16 6

1200 32 6

4000 64 16

10000 128 24

This table does not take into account other hardware specifications, such as bus speed, CPU
model, or storage type.

Enabling FortiAnalyzer features requires additional resources.

See the minimum system requirements for FortiAnalyzer-VM as a guideline for how many
additional resources your deployment may require.

Using Management Extension Applications (MEA) requires more resources. For details, see
the FortiManager Release Notes.

FortiManager 7.6.0 VMware ESXi Administration Guide 7

Fortinet Inc.
Preparing for deployment

Registering your FortiManager-VM

After placing an order for a FortiManager-VM, you receive a license registration code to the email address that you used
in the order form. Use the license registration code provided to register the FortiManager-VM with Customer Service &
Support.
Upon registration, you can download the license file. You need this file to activate your FortiManager-VM. You can
configure basic network settings from the CLI to complete the deployment. Once the license file is uploaded and
validated, the CLI and GUI are fully functional.
For more information on registering assets in FortiCloud, see the FortiCloud Asset Management Guide.

To register your FortiManager:

1. Ensure that you have the following items needed to complete the procedure:
l License registration code emailed to you after you placed an order for a FortiManager-VM
l Support contract number
l A static FortiManager IPv4 address
2. Log in to FortiCloud using a support account, or create an account.
3. In the main page, select Register Now.
4. Enter the registration code from the FortiManager license certificate emailed to you, select the End User Type, then
click Next.
5. Enter an optional product description and the static IP address that will be used during license validation, then click
Next.

As a part of the license validation process, the FortiManager-VM compares its configured
IP addresses with the IP address information in the license file. The license must be
associated with an IP address assigned to one of the interfaces on the FortiManager. If a
new license has been imported or the FortiManager’s associated IP address has changed,
you must reboot the FortiManager for the system to validate the change and operate with a
valid license.

The FortiCloud portal does not support IPv6 for FortiManager license validation. You must
specify an IPv4 address in the support portal and the port management interface.

6. Review your asset details and accept the terms of the contract, then click Confirm.
7. From the Registration Completed page, you can download the FortiManager license file, select Register More to
register another FortiManager, or select Done to complete the registration process.
8. Select License File Download to save the license file (.lic) to your management computer.
l In FortiCloud, you can also download your license file by selecting your FortiManager in Products > Product
List and selecting the license file under Product Information.

FortiManager 7.6.0 VMware ESXi Administration Guide 8

Fortinet Inc.
Preparing for deployment

Deployment package for VMware ESXi

Firmware images on the Customer Service & Support site include FortiManager-VM deployment packages. The
following table lists the available VM deployment package:

VM platform Deployment file

VMware ESXi ESX/ESXi server:

FMG_VM64-vX-buildxxxx-FORTINET.out.ovf.zip

For the latest information on virtualization software support, see the corresponding
FortiManager Release Notes on the Fortinet Docs Library.

The .out.ovf.zip file contains:

File Description
DATADRIVE.vmdk FortiManager-VM log disk in VMDK format.
FMG.vmdk FortiManager system hard disk in Virtual Machine Disk (VMDK)
format.
FortiManager-VM64.hw14.ovf OVF template file for VMware ESXi 6.7 and later versions.
FortiManager-VM64.hw14.vapp.ovf OVF template file for VMware vSphere, vCenter, and vCloud (ESXi
6.7 and later).
FortiManager-VM64.ovf OVF template based on Intel e1000 NIC driver.
FortiManager-VM64.vapp.ovf OVF template file for VMware vSphere, vCenter, and vCloud (earlier
than ESXi 6.7).

For more information about FortiManager, see the FortiManager datasheet.

Downloading a deployment package

Firmware image FTP directories are organized by firmware version, major release, and patch release. The firmware
images in the directories follow a specific naming convention. Each firmware image is specific to the device model. For
example, the FMG_VM64_HV-v5.6.0-buildxxxx-FORTINET.out.hyperv.zip image, found in the 5.6.0 directory,
is specific to the 64-bit Microsoft Hyper-V Server virtualization environment.

You can download the FortiManager Release Notes and MIB file from this directory. The
Fortinet Core MIB file is located in the FortiManager > Download tab.

FortiManager 7.6.0 VMware ESXi Administration Guide 9

Fortinet Inc.
Preparing for deployment

Download the .out file to upgrade your existing FortiManager installation.

To download the deployment package:

1. Log in to the Fortinet Customer Service & Support Portal then, from the toolbar select Support > Firmware
Download.
The Firmware Images page opens.
2. From the Select Product dropdown, select FortiManager. Then go to the Download tab.
3. Browse to the appropriate directory for the version that you would like to download.
4. Download the appropriate firmware image and release notes to your management computer.
5. Extract the contents of the package to a new folder on your management computer.

Compatibility for VM hardware versions

FortiManager-VM supports ESXi 6.5 and later versions. Using corresponding hardware versions 13 and later is highly
recommended, as mentioned in Virtual machine hardware versions.
It is recommended to upgrade hardware versions incrementally with only one delta at a time. For example, upgrading
from 10 to 11, 11 to 12, 12 to 13, then 13 to 14 is recommended, although directly upgrading from 10 to 14 generally has
no issues.

To upgrade hardware versions:

1. Log in to vSphere Client web console.

2. In the left pane tree-menu, right-click the FortiManager-VM.
3. From the shortcut menu, select Compatibility > Schedule VM Compatibility Upgrade.
4. Click YES.
5. From the Compatible with dropdown, select the desired compatibility.
6. Click OK.
7. Reboot the FortiManager-VM.

FortiManager 7.6.0 VMware ESXi Administration Guide 10

Fortinet Inc.
Deployment

Prior to deploying the FortiManager, the VM platform must be installed and configured so that it is ready to create virtual
machines. The installation instructions for FortiManager presume that you are familiar with the management software
and terminology of your VM platform.
You might also need to refer to the documentation provided with your VM server. The deployment information in this
guide is provided as an example because, for any particular VM server, there are multiple ways of creating a virtual
machine - command line tools, APIs, alternative graphical user interface tools.
Before you start your FortiManager appliance for the first time, you might need to adjust virtual disk sizes and networking
settings. The first time you start FortiManager, you will have access only through the console window of your VM server
environment. After you configure one network interface with an IP address and administrative access, you can access
the FortiManager GUI (see Enabling GUI access on page 18).

Deploying FortiManager on VMware vSphere

After you download the FMG_VM64-vx-buildxxxx-FORTINET.out.ovf.zip file and extract the package contents
to a folder on your management computer, you can deploy the OVF package to your VMware environment.
Prior to deploying the FortiManager-VM, ensure that you configure the following and they are functioning properly:
l You must install VMware vSphere Hypervisor™ (ESX/ESXi) software on a server and update it to the latest patch
release prior to installing FortiManager. Go to What is a vSphere Hypervisor? for installation details.
l You must install VMware vSphere Client™ on the computer that you will use for managing the FortiManager-VM.
This section includes the following topics:
l Deploying the OVF file
l Configuring hardware settings
l Powering on the VM

FortiManager 7.6.0 VMware ESXi Administration Guide 11

Fortinet Inc.
 Deployment

Deploying the OVF file

To deploy the OVF file template:

1. Log in to vSphere Client web console.

2. In the sidebar tree, right-click the intended physical host.

3. From the shortcut menu, select Deploy OVF Template....

The Deploy OVF Template wizard displays.
4. Using the Deploy OVF Template wizard, configure the FortiManager-VM:
a. Select an OVF Template.

i. Select the Local file radio button.

ii. Click Browse and select the two VMDK files and the appropriate OVF template file for your platform.
The VMDK and OVF files are included in the deployment package. See Deployment package for VMware
ESXi on page 9.

FortiManager 7.6.0 VMware ESXi Administration Guide 12

Fortinet Inc.
Deployment

Alternatively, you can upload the files from a remote server. In this case, select the
URL radio button and enter the URL of the files.
Make sure the VMDK files and the appropriate OVF template file from the
deployment package are in the same path.

iii. Click NEXT.

b. Select a name and folder.

i. In the Virtual machine name field, enter a name for the VM.
The name can contain up to 80 characters and must be unique within the inventory folder.
ii. From the tree menu, select the location for the VM.
iii. Click NEXT.
c. Select a compute resource.

i. From the tree menu, select the physical machine.

ii. Click NEXT.

FortiManager 7.6.0 VMware ESXi Administration Guide 13

Fortinet Inc.
Deployment

d. Review details.

i. After reviewing the OVF details, click NEXT.

e. License agreements.

i. After reviewing the license agreements, select the checkbox for I accept all license agreements.
ii. Click NEXT.

FortiManager 7.6.0 VMware ESXi Administration Guide 14

Fortinet Inc.
Deployment

f. Select storage.

i. From the Select virtual disk format dropdown, select one of the following:
o Thick Provision Lazy Zeroed: Allocates the disk space statically (no other volumes can take the
space), but does not write zeros to the blocks until the first write takes place to that block during
runtime (which includes a full disk format).
o Thick Provision Eager Zeroed: Allocates the disk space statically (no other volumes can take the
space), and writes zeros to all the blocks.
o Thin Provision: Allocates the disk space only when a write occurs to a block, but the Virtual Machine
File System (VMFS) reports the total volume size to the OS. Other volumes can take the remaining
space. This allows you to float space between your servers, and expand your storage when your size
monitoring indicates there is a problem. Once a Thin Provisioned block is allocated, it remains in the
volume regardless of whether you have deleted data.

If you know your environment will expand in the future, adding hard disks larger
than the FortiManager base license requirement and utilizing Thin Provision
when setting the OVF Template disk format is recommended. This allows your
environment to expand as required while not taking up more space in the SAN
than needed.

ii. From the menu, select the data storage location.

iii. Click NEXT.

FortiManager 7.6.0 VMware ESXi Administration Guide 15

Fortinet Inc.
 Deployment

g. Select networks.

i. Map the networks used in this OVF template to networks in your inventory.
Network 1 maps to port1 of the FortiManager. You must set the destination network for this entry to access
the device console.
ii. Click NEXT.
h. Ready to complete.

i. After verifying the information, click FINISH to start the deployment.

You may need to configure the FortiManager hardware settings before powering on the VM. See
Configuring hardware settings on page 16.

Configuring hardware settings

Before powering on your FortiManager-VM, you must configure the virtual memory, virtual CPU, and virtual disk.

FortiManager 7.6.0 VMware ESXi Administration Guide 16

Fortinet Inc.
Deployment

To configure hardware settings:

1. In the vSphere Client, select the VM from the tree menu in the left pane.
2. In the VM Hardware pane, click Edit Settings....
The Edit Settings dialog displays.

3. In the CPU field, adjust the number of CPU cores as required.

4. In the Memory field, adjust the memory size as required. See Minimum system requirements on page 7 to
determine your required memory.
5. In the Hard disk 2 field (the log disk), adjust the size required. You should not edit Hard disk 1.

The FortiManager-VM requires at least two virtual hard disks. Before powering on the
FortiManager-VM, you must add at least one more virtual hard disk (ideally above 500
GB).
The VM should therefore be configured with the following disks:
l The default hard drive that contains the OS and should not be modified. In this

example, the default hard drive is referred to as Disk1.

l One or more additional disks, for example Disk2 and Disk3, used by LVM for logs,
reports, swap, and other storage requirements.
The default virtual hard disk storage size (Disk1) should not be modified to increase
capacity. Only increasing Disk2, Disk 3, or adding extra disks will extend LVM disk on the
FortiManager-VM.

The FortiManager-VM allows you to add twelve virtual log disks to a deployed instance.
When adding additional hard disks, use the following CLI command to extend the LVM
logical volume:
execute lvm extend
For more information, see the FortiManager CLI Reference.

6. Click OK to apply your changes.

FortiManager 7.6.0 VMware ESXi Administration Guide 17

Fortinet Inc.
 Deployment

Powering on the VM

You can now proceed to power on your FortiManager.

To power on the VM:

1. In the vSphere Client, select the VM from the tree menu in the left pane.
2. From the ACTIONS dropdown, select Power > Power On.
3. Once it is enabled, click Launch Web Console.
4. Once the VM starts, proceed with the initial configuration. See Configuring initial settings on page 18.

Configuring initial settings

Before you can connect to the FortiManager-VM, you must configure basic network settings via the CLI console. Once
configured, you can connect to the FortiManager GUI.

Enabling GUI access

To enable GUI access to the FortiManager, you must configure the IP address and network mask of the appropriate port
on the FortiManager. To enable access to the GUI from a browser, HTTP and HTTPS access must be enabled as well.
In FortiManager 7.4.2 and later, you must also change the mode from dhcp to static.
The following instructions use port 1.

You can determine the appropriate port by matching the network adapter's MAC address and
the HWaddr that the CLI command diagnose fmnetwork interface list provides.

In FortiManager 7.4.2 and later, the default configuration for port 1 is as follows:
config system interface
edit port1
set mode dhcp
set allowaccess https ssh
set type physical
next
end

To configure the port1 IP address and netmask:

1. In your hypervisor manager, start the FortiManager and access the console window. You might need to press Enter
to see the login prompt.
2. At the FortiManager login prompt, enter the username admin, then press Enter. By default, there is no password.
3. Using CLI commands, configure port 1.
config system interface
edit port1
set mode static <--- this variable only needs to be configured in
FortiManager v7.4.2 and later

FortiManager 7.6.0 VMware ESXi Administration Guide 18

Fortinet Inc.
 Deployment

set ip <IP address> <netmask>

set allowaccess http https <--- other management access, such as SSH, can be
included in the list as well
next
end
For more information about CLI commands, see the FortiManager CLI Reference in the Fortinet Document Library.

The port management interface should match the first network adapter and virtual switch
that you have configured in the hypervisor VM settings.

4. To configure the default gateway, enter the following commands:

config system route
edit 1
set device port1
set gateway <gateway_ipv4_address>
end

The Customer Service & Support portal does not currently support IPv6 for FortiManager
license validation. You must specify an IPv4 address in the support portal and the port
management interface.

Connecting to the GUI and enabling a trial license

Once you have configured a port's IP address and network mask, you can connect to the GUI by using a web browser.
Enabling the trial license requires internet access. This is used to connect to FortiCloud and your FortiCare account on
the Technical Supoprt Site. It is also used to receive the license agreement. If you are licensing in an air-gap
environment, see Licensing in an air-gap environment in the FortiManager Administration Guide.

To connect to the GUI and enable a trial license:

1. Launch a web browser, and enter the IP address you configured for the port management interface.
2. At the login page, select Free Trial, and click Login with FortiCloud to start the process of activating your free trial
license.
If you do not have a FortiCloud account, click Register with FortiCloud to create one.
See also the FortiManager VM Trial License Guide on the Document Library.

Upgrading to an add-on license

You must activate a trial license before you can upgrade FortiManager-VM to a purchased add-on license.
See also the FortiManager VM Trial License Guide on the Document Library.

Configuring your FortiManager

Once the FortiManager license has been validated, you can configure your device.

FortiManager 7.6.0 VMware ESXi Administration Guide 19

Fortinet Inc.
Deployment

If the amount of memory or number of CPUs is too small for the VM, or if the allocated hard
drive space is less than the licensed VM storage volume, warning messages show in the GUI
in the System Resources widget on the dashboard and in the Notification list.

For more information on configuring your FortiManager, see the FortiManager Administration Guide.

FortiManager 7.6.0 VMware ESXi Administration Guide 20

Fortinet Inc.
Security Fabric connector integration with VMware vCenter

You can create SDN connectors for VMware vCentre to allow FortiGate to retrieve dynamic addresses from VMware
vCenter via FortiManager.
For more information, see the FortiManager Administration Guide.

FortiManager 7.6.0 VMware ESXi Administration Guide 21

Fortinet Inc.
vMotion in a VMware environment

This guide provides sample configuration of a vMotion FortiManager-VM in a VMware environment. VMware vMotion
enables the live migration of a running FortiManager-VM from one physical server to another with zero downtime,
continuous service availability, and complete transaction integrity. It also provides transparency to users.
The following depicts the network topology for this sample deployment. In this sample deployment, there are two hosts,
Host 48 (100.64.30.48) and Host 50 (100.64.30.50), that are members of Cluster 1 in the DataCenter 1. The vCenter
server (vcenter67.fmg.lab) manages DataCenter 1.

This configuration requires the following prerequisites:

l You have set up the vCenter server and created the data center and cluster.
l Host 48 and Host 50 are members of the cluster.
l A Gigabit Ethernet network interface card with a VMkernel port enabled for vMotion exists on both ESXi hosts.
l A FortiManager-VM that is set up and able to handle traffic.

To migrate the FortiManager-VM on the vCenter web portal:

1. Log in to the vCenter web portal.

2. Verify the current location of the FortiManager-VM:
a. Go to the FortiManager-VM.
b. On the Summary tab, check the Host. In this example, the host is currently Host 48 (100.64.30.48).

FortiManager 7.6.0 VMware ESXi Administration Guide 22

Fortinet Inc.
vMotion in a VMware environment

c. Go to Storage > Files. Check that the FortiManager-VM is located in the correct datastore. In this example, the
datastore is currently Datastore 48, in Host 48.

3. Right-click the FortiManager-VM and select Migrate.

FortiManager 7.6.0 VMware ESXi Administration Guide 23

Fortinet Inc.
vMotion in a VMware environment

4. Configure the migration options:

a. For Select a migration type, select Change both compute resource and storage. Click NEXT.

b. For Select a compute resource, select the desired new compute resource. In this example, Host 50
(100.64.30.50) is selected. Click NEXT.

c. For Select storage, select the storage associated with the selected compute resource. In this example,
Datastore 50 (as corresponds to Host 50) is selected. Click NEXT.

FortiManager 7.6.0 VMware ESXi Administration Guide 24

Fortinet Inc.
vMotion in a VMware environment

d. For Select networks, select the desired destination network at the selected compute resource. In this example,
the source network is at Host 48, and the destination network is at Host 50. Click NEXT.

FortiManager 7.6.0 VMware ESXi Administration Guide 25

Fortinet Inc.
vMotion in a VMware environment

e. For Select vMotion priority, select Schedule vMotion with high priority (recommended). Click NEXT.

5. Before initiating the migration, open the CLI for the FortiManager-VM to check on traffic during the migration. Enter
diagnose sniffer packet any 'icmp and host 8.8.8.8' to check if traffic is stable. If no traffic is lost
during migration and the FortiManager-VM SSH session does not break, the output resembles the following:

FortiManager 7.6.0 VMware ESXi Administration Guide 26

Fortinet Inc.
vMotion in a VMware environment

6. Click FINISH.

After a few seconds, the FortiManager-VM is migrated to the new compute resources, in this case Host 50.
7. Log into the vCenter web portal. Go to the FortiManager-VM. On the Summary tab, the Host is now the new
compute resources, in this case Host 50 (100.64.30.50).

8. Go to Storage > Files. It shows that the FortiManager-VM is now located in a new datastore, in this example
Datastore 50.

FortiManager 7.6.0 VMware ESXi Administration Guide 27

Fortinet Inc.
 www.fortinet.com

Copyright© 2024 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein
may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were
attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance
results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract,
signed by Fortinet’s Chief Legal Officer, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only
the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal
conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change,
modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.