FortiGate-100A Administration Guide Version 2.80 MR7

Users and authentication

You can control access to network resources by defining lists of authorized users, called user groups. To use a particular resource, such as a network or a VPN tunnel, the user must belong to one of the user groups that is allowed access. The user then must correctly enter a user name and password to prove his or her identity. This is called authentication.

You can configure authentication in:

any firewall policy with Action set to ACCEPT

IPSec, PPTP and L2TP VPN configurations

When the user attempts to access the resource, the FortiGate unit requests a user name and password. The FortiGate unit can verify the user’s credentials locally or using an external LDAP or RADIUS server.

Authentication expires if the user leaves the connection idle for longer than the authentication timeout period.

You need to determine the number and membership of your user groups appropriate to your authentication needs.

To set up user groups

1If external authentication is needed, configure RADIUS or LDAP servers. See “RADIUS” on page 235 and “LDAP” on page 236.

2Configure local user identities in User > Local. For each user, you can choose whether the password is verified by the FortiGate unit, by a RADIUS server or by an LDAP server. See “Local” on page 234.

3Create user groups in User > User Group. Add local users as appropriate. See “User group” on page 239.

You can also add a RADIUS or LDAP server to a user group. In this case, all users in the external server’s database can authenticate.

This chapter describes:

Setting authentication timeout

Local

RADIUS

LDAP

User group

FortiGate-100A Administration Guide

01-28007-0068-20041203

233

Page 233
Image 233
Fortinet 100A manual Users and authentication, 233, To set up user groups

100A specifications

Fortinet 100A is a versatile network security device designed to provide comprehensive protection against various cyber threats while ensuring optimal network performance. As part of the FortiGate series, the 100A combines advanced security features with powerful hardware capabilities, making it suitable for small to medium-sized businesses.

One of the key features of the Fortinet 100A is its deep packet inspection technology. This capability allows the firewall to analyze both the header and payload of packets traversing the network, enabling it to detect and block malicious content effectively. The 100A can identify and mitigate a wide range of threats, including malware, intrusions, and application-layer attacks.

The FortiOS operating system powers the Fortinet 100A, offering a robust and user-friendly interface for configuration and management. With its unified security management console, administrators can efficiently monitor network traffic and enforce security policies across the organization. The system provides centralized logging and reporting features, enabling users to gain valuable insights into their security posture and respond swiftly to incidents.

The 100A supports multiple deployment modes, including transparent, NAT, and route modes. This flexibility allows organizations to integrate the device into their existing network architecture with ease. The firewall's high throughput capabilities ensure that network performance remains unaffected, even under heavy load from multiple users and devices.

Another notable aspect of the Fortinet 100A is its support for various VPN technologies, including IPsec and SSL VPN. This feature facilitates secure remote access for employees, enabling them to connect to the corporate network safely, regardless of their location. As remote work continues to be a norm in many sectors, this capability is critical for maintaining productivity and security.

In addition to these features, the Fortinet 100A provides comprehensive web filtering capabilities, protecting users from harmful websites and inappropriate content. This protection is essential for organizations looking to maintain a secure and productive environment.

With its combination of powerful security features, flexible deployment options, and robust performance, the Fortinet 100A stands out as an ideal solution for organizations seeking to bolster their cybersecurity measures while ensuring seamless connectivity for users. As cyber threats continue to evolve, investing in a capable device like the FortiGate 100A is crucial for maintaining a secure network infrastructure.