Hello,

Last week i posted a question similar to the one i am about to ask, but i believe i may have asked it in the wrong way. So here is the question posed in a more open ended way, asking for some direction.

I am new to Fortinet, having just moved our company from Cisco ASAs with Firepower to approximately 30 Fortigates, mostly models 40F, but a few of our bigger sites are using 60F and 81F. Currently running Fortimanager Cloud, firmware version 7.2.6, build 1575.

We are now using FortiManager Cloud Central Management & Orchestration, v7.4.1-build4261 230914 (GA) and need to learn how to re-create the global policies that we used to apply using Cisco Firepower, now using FortiManager.

Policy-wise, the 40F's are configured almost all the same, except for an extra interface or Virtual IP or two.
The other sites have a bit more going on, hosting many more virtual IPs, using policy routes, etc.

There are some policies we would like to apply globally, where we can make the change in one place and it would apply to all of the devices in a group. The main example would be to have a policy rule to completely block a constantly changing list of countries from ever accessing our systems.

We would want this policy to have priority over any rules already existing on an individual offices policies.

I was under the impression i needed to enable and create ADOMs to do this but it appears you cannot even use ADOMs with the cloud version, because i asked support a question about it and this is the response i received:

"Hello Jesse,
These options are not available when using FortiManager Cloud.
https://docs.fortinet.com/document/fortimanager-cloud/7.4.1/release-notes/865961/limitations-of-fort...

To use ADOMs and global policies, you would need to purchase a FortiManager VM or appliance."

So is there another kind of policy/method that we can achieve what i described above with when it comes to FortiManager Cloud, so i can read the appropriate documentation?

Thanks for your help!

Jesse