用户认证

配置 LDAP 支持

 

 

添加 LDAP 服务器

按以下步骤配置 FortiGate 设备的 LDAP 认证:

1 进入用户 > LDAP

2 单击新建以添加新的 LDAP 服务器。

3 输入 LDAP 服务器的名称。

您可以输入任何名称。此用户名可以包括数字 (0-9),大写和小写字母 (A-Z,a-z), 以及特殊字符 - 和 _。不能使用其它特殊字符和空格符。

4 输入 LDAP 服务器的域名 或者 IP 地址。

5 输入与 LDAP 服务器通讯的端口。

默认的 LDAP 使用 389 端口。

6 为这个 LDAP 服务器输入一个通用标识符。

大多数 LDAP 服务器的通用标识符是 cn。然而有些服务器可能会使用其他标识符例如 uid。

7 输入用于在 LDAP 服务器上搜索条目的名称。

使用适当的 X.509 或 LDAP 格式为服务器输入一个基本名称。FortiGate 设备会将这个 名称不加修改直接发送到服务器。

例如,您可以使用以下基本名称: ou= 行销,dc=fortinet,dc=com

其中 ou 是机构单位的缩写,dc 是域成员的缩写。

您还可以在基本名称中指定同一域名的多个实例。例如,要指定多个机构单位: ou= 帐目 ,ou= 行销 ,dc=fortinet,dc=com

8 单击确定。

图 19: LDAP 配置举例

删除 LDAP 服务器

 

您不能删除已经添加到用户组的 LDAP 服务器。

 

1

进入用户 > LDAP

 

2

对您要删除的 LDAP 服务器,单击服务器名边的 删除

图标。

FortiGate-500 安装和配置指南

177

Page 189
Image 189
Fortinet 500 manual 添加 Ldap 服务器, 删除 Ldap 服务器, 177, 进入用户 Ldap。, 进入用户 Ldap 。

500 specifications

Fortinet 500 is a next-generation firewall (NGFW) that is part of Fortinet's acclaimed FortiGate family, designed to provide advanced security for medium to large enterprises. This appliance is known for its high performance, flexibility, and ability to protect networks from a variety of cyber threats through its robust features and technologies.

One of the main features of the Fortinet 500 is its integrated security capabilities. It combines multiple security functions into a single device, allowing organizations to manage everything from intrusion prevention and antivirus to web filtering and application control. This integration leads to simplified management and increased efficiency, as users can address multiple security needs without deploying multiple devices.

The Fortinet 500 runs on the FortiOS operating system, which is known for its simplicity and user-friendliness. FortiOS provides a centralized management interface that allows for the easy configuration and monitoring of security policies across the entire network. Additionally, the Fortinet management tools, such as FortiManager and FortiAnalyzer, enable detailed insights and reporting capabilities, helping organizations stay compliant with their security mandates.

Another characteristic that sets Fortinet 500 apart is its advanced threat intelligence, powered by the FortiGuard Labs. This global threat intelligence system continuously updates the firewall with the latest threat signatures and attack vectors, ensuring that organizations stay ahead of emerging threats. The firewall also employs machine learning and artificial intelligence to detect and mitigate sophisticated attacks in real-time.

Performance is crucial in any security appliance, and the Fortinet 500 does not disappoint. With hardware acceleration and purpose-built security processors, it delivers high throughput levels, enabling organizations to maintain productivity without sacrificing security. This level of performance is particularly beneficial in environments with heavy traffic and bandwidth demands.

In addition to these core features, the Fortinet 500 supports seamless integration with other security solutions within the Fortinet Security Fabric. This comprehensive approach allows for greater visibility and control over the entire security posture of an organization.

Overall, the Fortinet 500 is a powerful NGFW that offers a blend of advanced security features, ease of management, top-notch performance, and robust threat intelligence. Its ability to adapt to the ever-evolving landscape of cybersecurity makes it a valuable asset for businesses seeking to safeguard their digital assets and ensure seamless network operation.