User

New features and changes

User

The User menu consists of the following menus:

Local

Radius

LDAP

Windows AD

User Group

Local

The Local menu is unchanged.

Radius

The Radius menu is unchanged.

LDAP

The LDAP menu is unchanged. However, it now has the Common Name Identifier, Distinguished Name, and Server Port fields on the LDAP page. The Server Secret field is now located in the CLI, under Radius in the User chapter. See the FortiGate CLI Reference for more information.

Windows AD

The Windows AD menu, new for FortiOS 3.0, enables you to configure your FortiGate unit on a Windows Active Directory (AD) network so it can transparently authenticate the user without asking for their username and password.

From the Windows AD menu, you can create a new Windows AD server and delete, edit or refresh the server.

Note: The Fortinet Server Authentication Extensions (FSAE) is included on your Fortinet Documentation and tools CD, or from the Technical Support website at https:\\support.fortinet.com.

User Group

The User Group menu is unchanged. However, you can now choose the type of user group from the following:

Firewall

Active Directory

SSL VPN

You can also select the FortiGuard Web Filtering Override option on the User Group page to enable your FortiGate unit to allow FortiGuard web filtering overrides.

24

Upgrade Guide for FortiOS v3.0

01-30000-0317-20060424

Page 24
Image 24
Fortinet FortiOS 3.0 manual Local, Radius, Windows AD, User Group

FortiOS 3.0 specifications

Fortinet FortiOS 3.0 is a robust network operating system designed to provide a comprehensive security solution for enterprise environments. Released as part of Fortinet's commitment to advancing cybersecurity, FortiOS 3.0 integrates several cutting-edge technologies and features to enhance network performance and protection against emerging threats.

One of the main features of FortiOS 3.0 is its advanced threat management capabilities. This includes intrusion prevention systems (IPS), application control, and web filtering, which work in tandem to identify and mitigate risks in real-time. The IPS component utilizes deep packet inspection to analyze traffic patterns and block malicious activity, ensuring that sensitive data remains secure.

Another key characteristic of FortiOS 3.0 is its unified threat management (UTM) approach. By consolidating multiple security functions into a single platform, organizations can simplify their infrastructure, reduce costs, and streamline administration. This consolidation is particularly beneficial for businesses looking to enhance their security posture without overwhelming their IT resources.

FortiOS 3.0 also incorporates advanced VPN capabilities, allowing remote access to secure corporate networks. With support for both IPsec and SSL VPN technologies, users can enjoy secure connections from virtually any location, which is essential in today's increasingly mobile work environment. This flexibility promotes productivity while maintaining stringent security standards.

Additionally, FortiOS 3.0 includes sophisticated logging and reporting features. These provide critical insights into network activity, helping organizations to analyze potential threats and compliance with industry regulations. Customizable alerts and reports empower IT teams to remain vigilant and responsive to any irregularities or breaches in security.

Moreover, FortiOS 3.0 leverages Fortinet's proprietary security processor technology, which accelerates threat processing and reduces latency. This hardware acceleration ensures that even in high-volume traffic situations, security measures do not compromise network speed.

In summary, Fortinet FortiOS 3.0 stands out due to its comprehensive security features, unified threat management capabilities, advanced VPN functionalities, and robust logging and reporting tools. These characteristics make it an ideal solution for organizations seeking to enhance their cybersecurity measures while maintaining operational efficiency. As cyber threats continue to evolve, FortiOS 3.0 equips enterprises with the tools necessary to safeguard their networks effectively.