FortiGate is a popular network security platform developed by Fortinet that provides a wide range of security and networking capabilities. These include firewall, antivirus, intrusion prevention, web filtering, VPN, load balancing, and more—all managed through a single pane of glass.

Many organizations use FortiGate appliances and software to protect their networks. However, there may come a time when you need to uninstall or disable your FortiGate implementation. For example, you may be migrating to a new security solution, only requiring certain features and not others, or are doing troubleshooting and want to eliminate variables.

Fortunately, FortiGate makes it relatively straightforward to uninstall or disable components as needed. In this comprehensive guide, we will cover multiple methods for uninstalling or disabling your FortiGate deployment, including:

Completely removing FortiGate via the CLI or Control Panel.
Disabling specific features like web filtering, antivirus, etc.
Uninstalling just the management components like FortiClient and FortiManager

We’ll provide detailed steps for each method using both the web-based GUI and command-line interface (CLI). By the end, you’ll understand the various options for removing FortiGate or turning off parts of its functionality according to your requirements.

Key Takeaways:

FortiGate is a popular network security platform that provides firewalls, antivirus, web filtering, and more.
Depending on your needs, there are several ways to uninstall or disable FortiGate: completely removing it, disabling certain features, or uninstalling just the management components.
To completely uninstall FortiGate, use the CLI uninstall command or delete it via the Control Panel in Windows. You’ll need to remove licenses and back up config.
To disable features, go to the CLI or GUI and turn off individual settings, such as web filtering and antivirus.
To remove just the management components, go to Apps & Features in Windows and uninstall FortiClient and FortiManager.

Also Read: How to Remove Forticlient VPN in Windows, Mac & Linux

Completely Uninstalling the FortiGate Software

If your goal is to remove the entire FortiGate software package completely, you have a couple of options:

Using the FortiGate CLI

The most direct way to fully uninstall FortiGate is by using the CLI (command line interface) uninstall command. Here are the steps:

Connect to your FortiGate unit using SSH or a terminal emulator like PuTTY. You must have an admin account for access.
At the command prompt, type exec uninstall and press Enter.
You will be shown a disclaimer and asked to confirm if you want to continue. Type Y and press Enter to confirm the uninstallation.
FortiGate will then fully uninstall. The System will reboot once finished.

Once the reboot is complete, FortiGate will be completely removed from the device or VM. This includes all configurations, licenses, and data. Be sure to backup anything you need before uninstalling.

Using Windows Control Panel

If you installed FortiGate as software on a Windows system, you can also uninstall it using the Windows Control Panel:

Go to Control Panel > Programs > Programs and Features
Locate and select the “FortiGate” entry or “FortiGate Network Security,” depending on your version.
Click Uninstall/Change at the top menu.
In the uninstaller wizard that opens, select Uninstall and then click Next.
Click Yes on the confirmation prompt to fully uninstall FortiGate.
Once complete, restart your computer to finish the uninstallation process.

Like using the CLI method, this will remove all FortiGate components and associated data from the Windows device.

Licensing and Configuration Considerations

When fully uninstalling FortiGate, keep the following in mind:

The uninstall process will deregister any hardware-based FortiGuard licenses from your Fortinet account. Make sure to back up the license if needed.
All device configurations will be deleted, back up the config before uninstalling.
For VM deployments, the uninstall will remove the attached virtual disks.
Any associated logs or reports will be deleted.

So be sure to properly back up your FortiGate as needed before a full uninstallation.

Disabling Specific Features in FortiOS

Instead of completely removing FortiGate, another option is to disable specific features or functionality as desired. Common examples include:

Turning off web filtering
Disabling antivirus scanning
Turning off intrusion prevention
Disabling SSL/TLS inspection

And much more. This allows you to keep FortiGate installed but stop unused modules from running. Here are a couple of ways to disable features:

Using the FortiOS CLI

You can use the CLI to turn off FortiGate features individually. For example, to disable web filtering:

Connect to the CLI interface.
Enter the following commands:

config webfilter profile

edit [name]

set web-filter enable

end

Replace [name] with the name of your web filter profile.
Set web-filter enable to disable instead of enable.
Repeat for other profiles as needed.

This will turn off all web filtering functions while keeping the rest of FortiGate active.

Using the FortiOS GUI

You can also use the web-based GUI to toggle security features on and off:

Log into the FortiGate GUI with an admin account.
Go to Security Profiles and expand as needed to locate the profile category you want. For example, go to Security Profiles > Web Filter to find web filtering profiles.
Select a profile and locate the slider or toggle to enable/disable it.
Switch the slider to the disabled or off position.
Click OK or Save to apply the change.
Repeat for any other profiles you wish to disable.

Disable profiles applied to firewall policies to ensure the settings take effect. The GUI provides an easy way to turn features on and off with a simple click.

Potential Impacts of Disabling Features

When disabling FortiGate functionality instead of fully uninstalling it, keep in mind the following:

Disabled profiles will no longer inspect or filter traffic. Make sure you do not have an operational requirement for the disabled functions.
Order of operations matters—disabling a web filter won’t matter if SSL inspection is still enabled and decrypting traffic.
Perform testing to validate that intended configurations are in place after making changes.
Monitor for any unintended network availability or security impact.

So, selectively disable features with care and verification to avoid surprises. Temporary or pilot disabling can also help assess the impact.

Uninstalling Just the Management Software

Another option is to uninstall just the management and administrative components of the FortiGate deployment. This removes centralized control and monitoring, while leaving the FortiGate unit or virtual appliance still running with its current configuration.

Common management apps that can be independently uninstalled include:

FortiClient – Used for endpoint management and configuration.
FortiManager – Provides centralized management, provisioning, and monitoring for multiple FortiGate units.
FortiAnalyzer – Collects and analyzes log data from FortiGates as well as other Fortinet products.

Here is how to uninstall either of these if desired:

Uninstalling FortiClient

Go to Windows Control Panel > Programs > Programs and Features.
Select FortiClient and click Uninstall/Change at the top.
In the FortiClient uninstaller, choose Uninstall.
Click Yes on the confirmation prompt to uninstall.

Uninstalling FortiManager

Go to Windows Control Panel > Programs > Programs and Features.
Select FortiManager and click Uninstall or Change at the top.
In the FortiManager uninstaller, choose Uninstall.
Click Yes on the confirmation prompt to uninstall.

Once uninstalled, the central FortiManager will no longer manage or provision the FortiGate units. However, the FortiGates will continue operating independently, with their current configured policies and profiles still intact after the managers are removed.

Impacts of Removing Management Software

When uninstalling FortiClient or FortiManager, understand:

Endpoint clients will no longer be managed or receive configuration updates from FortiClient.
FortiManager will not centrally manage FortiGate units and changes must be made on individual devices.
Logging and reporting to FortiAnalyzer will stop. Logs will continue to reside locally on the FortiGate hard drive.
Licenses still need to be removed or changed since the FortiGate unit is still in place.

Here is how to uninstall either of these if desired:

Final Words

Fortinet FortiGate provides extensive network security capabilities to protect your infrastructure. However, there may come a time when you need to remove or scale back some of this functionality.

This guide covered the main methods for fully uninstalling FortiGate, disabling specific features, or uninstalling just the management components. Options range from a full removal to simply toggling off individual inspection profiles.

The key is understanding what level of uninstall is required for your specific needs. Proper planning, backups, change control, and testing will help ensure a smooth transition when making FortiGate changes. With the steps provided, you should feel confident to safely uninstall or disable FortiGate capabilities according to your environment’s requirements.

FAQs about Uninstall or Disable FortiGate

How do I back up my FortiGate configuration?

To backup your FortiGate config:

From the CLI, use the execute backup config tftp command to backup to a TFTP server.
In the GUI, go to System> Backup to create and download a backup file.

What is the impact of uninstalling FortiGate on active firewall policies?

Uninstalling FortiGate completely will remove all active firewall policies, security profiles, routing, VPN tunnels, etc., since the entire FortiGate system will be deleted.

Can I uninstall just certain components of FortiGate?

No, the CLI uninstall command and Windows add/remove programs will only uninstall FortiGate fully. To remove just portions, you’ll need to disable specific features or uninstall management apps like FortiClient selectively.

If I reinstall FortiGate later, will my previous configuration be restored?

No, when FortiGate is uninstalled, it deletes all of the existing device configuration. When reinstalling, you would need to reconfigure from scratch or restore from a backup file.

Will uninstalling disable all web filtering and antivirus scanning?

It depends. Completely uninstalling FortiGate will remove all web filtering, antivirus, and other security functions. However, you can selectively disable only portions by turning off just those specific profiles in the CLI or GUI as needed.

Is there any risk of traffic interruption when uninstalling FortiGate?

When doing a full uninstall, there will be a temporary disruption as the System reboots and deletes configurations. To minimize impact, schedule a maintenance window and use proper change control procedures. Make sure to back up the config first.

What is the easiest way to disable web filtering on my FortiGate?

The easiest way is to go to Security Profiles > Web Filter in the GUI and disable any profiles applied to firewall policies by toggling the slider to Off and saving. You can also use the CLI to edit and disable the web filter profile.

Jinu Arjun

Verified Experienced Content Writer

Jinu Arjun is an accomplished content writer with over 8+ years of experience in the industry. She currently works as a Content Writer at EncryptInsights.com, where she specializes in crafting engaging and informative content across a wide range of verticals, including Web Security, VPN, Cyber Security, and Technology.

How to Uninstall or Disable FortiGate: A Step-by-Step Guide

Easy Steps to Uninstall or Disable FortiGate