Fortinet Secure SD-WAN — FortiManager Cloud

When you enable SD-WAN monitoring on your Fortinet FortiManager Cloud orchestrators, you can monitor orchestrators, edge devices, and their interfaces polled via API. You can use alerts and reports relevant to SD-WAN monitoring.

SD-WAN monitoring is only supported for FortiManager Cloud

Monitor SD-WAN edge devices

Add edge devices managed by a monitored Fortinet FortiManager Cloud orchestrator to get further details via Fortinet FortiManager Cloud API.

You can display general details, such as edge device name, model, serial number, status, or type.
You can display all IP addresses for the device and properly match IPs received in NetFlow data to the node.
You can monitor uplinks (WAN interfaces).

Monitor orchestrators

You can display status and response time, polled via REST (Fortinet FortiManager Cloud API).
You can display the list of all devices managed by an orchestrator and add them in a simplified discovery as API-only nodes.

Fortinet FortiManager Cloud setup and monitoring steps

Monitored properties

SD-WAN metrics are polled via API from the orchestrator. Collected data includes:

Orchestrator Inventory and Status
General edge device Info
Edge device uplinks (WAN interfaces)

Interface polling

Status
Rediscovery
Statistics

For details, see Monitor Fortinet FortiManager Cloud SD-WAN interfaces.

Rate limits

A Fortinet FortiManager Cloud orchestrator is limited to 250 requests/5 seconds for a polling engine.

Session limit

Four active sessions are supported per user for an idle timeout of 15 minutes. As a result, Fortinet FortiManager Cloud API polling may fail after a couple of session refresh.

The SolarWinds Platform needs two active sessions for regular and declarative polling. SolarWinds recommends that you do not use the account used by the SolarWinds Platform account for other purposes not to exceed the session limitation.

Requirements and recommendations for polling

Use dedicated Fortinet credentials for SolarWinds Platform polling.
Poll all Fortinet FortiManager Cloud devices using one polling engine.
Do not re-run the discovery for 30 minutes after you complete adding the nodes.

Add new SD-WAN devices for monitoring in SolarWinds Observability Self-Hosted

To monitor SD-WAN, add the orchestrator as a node, and then add edge devices.

Each monitored Fortinet FortiManager Cloud orchestrator uses a node license.

Add an orchestrator

Log in to the SolarWinds Platform Web Console as an administrator.
Click Settings > Manage Nodes, and then click Add a Node.
In Polling Method, select Orchestrators: API.
Under Orchestrators, select Fortinet FortiManager Devices.
Enter your username, password, and client ID.
Review and adjust the device properties, credentials, proxy settings, and polling intervals.
(Optional): Configure custom properties and alert thresholds.
Click OK, Add Node.

The added device is now monitored as an SD-WAN orchestrator. Add connected devices to complete the SD-WAN configuration.

Add devices connected to the orchestrator as API-only nodes

When you have added the orchestrator for monitoring, you need to add edge devices you want to monitor.

In SolarWinds Platform Web Console, click Settings > Manage Nodes.
On the Manage Nodes view, click the added orchestrator node.
On the SD-WAN Orchestrator Details view, click Discover Fortinet FortiManager Cloud Devices in the Management widget.
Select that you want to monitor Fortinet FortiManager Cloud devices as API-only nodes and click Continue. Network Sonar Wizard will be launched automatically.
Complete the wizard by clicking Discover on the last tab. The wizard discovers the devices based on the Fortinet FortiManager Cloud API.
Discovered devices are listed in the Network Sonar Results wizard. Complete the wizard to add devices for monitoring.

When you finish the wizard, go to the SD-WAN Orchestrator Details page (Settings > Manage Nodes > click the orchestrator node). After the next poll, the page will display data not only for the orchestrator, but also for monitored edge devices.

Configure SD-WAN monitoring on devices already monitored with SolarWinds Platform

If you monitored SD-WAN edge devices using SNMP, you can keep monitoring it via SNMP but you will not get any SD-WAN-related details. See API-based monitoring for Fortinet FortiManager Cloud devices.

To get SD-WAN details for the orchestrator and its edge devices, start monitoring them via API:

Remove the node from monitoring. See Delete devices from monitoring.
Re-add the node and select Orchestrator: API as the polling method. See Add new SD-WAN devices for monitoring in SolarWinds Observability Self-Hosted.

View SD-WAN data for Fortinet FortiManager Cloud devices

When SD-WAN monitoring is enabled, selecting the orchestrator opens the SD-WAN Orchestrator Summary view.

By default, it includes widgets you can use to manage the device, view the device details, active alerts, latest events, or AppStack for the device.

Edge Devices

This widget lists device names, IP addresses, models, serial numbers and network IDs of edge devices paired with the orchestrator.

Orchestrator Inventory

This widget displays a list of devices connected to managed orchestrators. Devices managed by SolarWinds Observability Self-Hosted are marked in the Managed by Platform column.

To add unmanaged devices, click the Discover Fortinet FortiManager Cloud Devices button and add them for monitoring.

SD-WAN Map

This widget is available on Orchestrator views. It displays connections between monitored devices on the network. For directly connected devices, you can also see used interfaces.

WAN UpLinks

On SD-WAN Orchestrator views, this widget displays WAN uplinks for all edges paired with the orchestrator.

On an edge Node Details view, the widget displays WAN uplinks for the edge.

Monitor Fortinet FortiManager Cloud SD-WAN interfaces

Interfaces on Fortinet FortiManager Cloud devices are polled via API. Interfaces are discovered during the API discovery. Interface Type is always reported as "Ethernet".

Interface polling intervals use the polling intervals set for nodes. As a result, to force polling interface details, select the parent node in Node Management and click Poll Now. The Poll Now option for individual interfaces is not available.

Threshold limitations for API-polled interfaces

Utilization Thresholds are supported but require the bandwidth setup. To make utilization thresholds work, set bandwidth on interfaces manually.

What is polled....

When?	What is polled?	What is NOT polled?
Rediscovery	interface index ifName MTU physical address interface speed interface name duplex mode interface alias
Status	interface index ifName interface name admin status oper status	interface last change
Statistics	interface availability sent and received bytes sent and received packets interface errors	other information on interface traffic To get information on interface utilization, set the bandwidth of the interface manually.

When?

What is polled?

What is NOT polled?

Rediscovery

interface index
ifName
MTU
physical address
interface speed
interface name
duplex mode
interface alias

Status

interface index
ifName
interface name
admin status
oper status

interface last change

Statistics

interface availability
sent and received bytes
sent and received packets
interface errors

other information on interface traffic

To get information on interface utilization, set the bandwidth of the interface manually.

Search SolarWinds Support