Configuring FSAE on Windows AD

Using FSAE on your network

Note: If no filter is defined for a FortiGate unit and there is no default filter, the collector agent sends all Windows AD group and user logon events to the FortiGate unit. While this normally is not a problem, limiting the amount of data sent to the FortiGate unit improves performance by reducing the amount of memory the unit uses to store the group list.

To view the FortiGate Filter List

1From the Start menu select Programs > Fortinet >

Fortinet Server Authentication Extension > Configure FSAE.

2Select FortiGate Group Filter. The FortiGate Filter List opens.

FortiGate SN

The serial number of the FortiGate unit to which this filter applies.

Description

An optional description of the role of this FortiGate unit.

Monitored

The Windows AD user groups that are relevant to the firewall policies

Groups

on this FortiGate unit.

Add

Create a new filter. See “To configure a FortiGate group filter” on

 

page 12.

Edit

Modify the filter selected in the list.

Remove

Remove the filter selected in the list.

OK

Save the filter list and exit.

Cancel

Cancel changes and exit.

To configure a FortiGate group filter

1From the Start menu select Programs > Fortinet >

Fortinet Server Authentication Extension > Configure FSAE.

2Select FortiGate Group Filter.

3Select Add to create a new filter. If you want to modify an existing filter, select it in the list and then select Edit.

 

Fortinet Server Authentication Extension Version 1.5 Technical Note

12

01-30005-0373-20071001

Page 12
Image 12
Fortinet FSAE To view the FortiGate Filter List, To configure a FortiGate group filter, Groups On this FortiGate unit Add